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(57)Abstract: 

PROBLEM TO BE SOLVED: To freely distribute contents and allow only authorized 
users to utilize the contents. 

SOLUTION: A client receives an encrypted content from a content server. The 
header of the content includes license-identifying information for identifying a license 
required in utilization of the content. The client requests a license server to transmit a 
license identified by the license-identifying information. When receiving the request 
for a license, the license server carries out a charging process before transmitting the 
license to the client. The client can decode and play back the content on the 
condition of possessing the license. 

* NOTICES * 

JPO and I MP IT are not responsible for any 
damages caused by the use of this translation. 

1. This document has been translated by computer. So the translation may not reflect 
the original precisely. 

2. **** shows the word which can not be translated. 
3. In the drawings, any words are not translated. 



CLAIMS 



[Claim(s)] 

[Claim 1]An information processor comprising: 

License specific information for specifying said license which carries out the 
utilization permission of the contents concerned in an information processor which 
permits use of contents on condition that a license is held. 
Enciphered contents data. 

A content storing means which memorizes said contents including key information 
required in order to decode contents data. 

A license memory measure which memorizes a license containing contents specific 
information for specifying said contents by which a utilization permission is carried out, 
A judging means which judges whether a license which can carry out the utilization 
permission of said contents is memorized by said license memory measure, and a 



decoding means which decodes contents data of said contents on condition that it 
was judged that a license was memorized by said judging means. 

[Claim 2]The information processor according to claim 1 which is provided with the 
following and characterized by a license received by said reception means being 
memorized by said license memory measure. 

A transmitting means which transmits a license request containing license 
identification information for said information processor to identify a license to a 
license server further. 

A reception means which receives a license transmitted by license server. 

[Claim 3]The information processor according to claim 1, wherein said contents data 
is further provided with a reproduction means which reproduces contents data which 
is the data which combined text data, image data, voice data, a video data, or them, 
and was decoded by said decoding means. 

[Claim 4]Said key information contains EKB (Enabling Key Block), Said information 
processor is provided with a device node key memory measure which memorizes a 
device node key further, Said decoding means said EKB (Enabling Key Block) using a 
route key by which decoding processing might be carried out using said device node 
key memorized by said device node key memory measure said enciphered contents 
data. The decoding information processor according to claim 1. 

[Claim 5]Said key information contains a contents key further enciphered by route 
key of said EKB (Enabling Key Block), Said contents data is enciphered by said 
contents key, Said decoding means said contents key decoded using a route key by 
which decoding processing might be carried out in said EKB (Enabling Key Block) using 
said device node key memorized by said device node key memory measure. The 
information processor according to claim 4 using and decoding said enciphered 
contents data. 

[Claim 6]The information processor according to claim 1, wherein said license includes 
service-condition information which shows further a service condition of contents 
which become available according to the license concerned. 

[Claim 7]The information processor according to claim 1, wherein said license includes 
further an electronic signature made with a secret key of a license server. 
[Claim 8]Said information processor is provided with a 
terminal-identification-information memory measure which memorizes terminal 
identification information which identifies an information processor further, Said 
license request includes further said terminal identification information memorized by 
terminal-identification-information memory measure, Further said license received by 
said reception means including said terminal identification information said judging 
means, Said terminal identification information included in said license is compared 



with said terminal identification information memorized by said 
terminal-identification-information memory measure, The information processor 
according to claim 2 restricting when both are in agreement, and judging that the 
license concerned is a license to which use of said contents is permissible. 
[Claim 9]An information processing method with which use of contents is permitted 
on condition that a license characterized by comprising the following is held. 
License specific information for specifying said license which carries out the 
utilization permission of the contents concerned. 

Key information required in order to decode enciphered contents data and contents 
data. 

[Claim 10] A program which makes a computer perform processing to which use of 
contents is permitted on condition that a license characterized by comprising the 
following is held. 

License specific information for specifying said license which carries out the 
utilization permission of the contents concerned. 

Key information required in order to decode enciphered contents data and contents 
data. 

[Claim 11]The program according to claim 10, wherein said program or its part is 
enciphered. 

[Claim 12]A license server which publishes a license to which use of contents is 
permitted, comprising: 

Contents specific information for specifying said contents a utilization permission is 
carried out by the license concerned of. 

A reception means which receives a license request containing license identification 

information which was transmitted from a license memory measure which memorizes 

said license including terminal identification information which identifies an information 

processor, and an information processor, and which identifies a license. 

An extraction means to extract said license corresponding to said license 

identification information contained in said license request from said license memory 

measure. 

A processing means to add said terminal identification information to said license 
extracted by said extraction means. 

A signature means which adds an electronic signature to a license to which terminal 
identification information was added by said processing means using a secret key of a 
license server. 

A transmitting means which transmits a license signed by said signature means to an 
information processor which transmitted said license request. 



[Claim 13]An information processing method which publishes a license to which use of 
contents is permitted, comprising: 

Contents specific information for specifying said contents a utilization permission is 
carried out by the license concerned of. 

A step which memorizes said license including terminal identification information 
which identifies an information processor. 

A step which receives a license request containing license identification information 
which was transmitted from an information processor, and which identifies a license. 
A step which extracts said license corresponding to said license identification 
information contained in said license request from said license memory measure, A 
step which adds said terminal identification information to said license extracted by 
said extraction means, A step which adds an electronic signature to a license to which 
terminal identification information was added by said processing means using a secret 
key of a license server, and a step which transmits a license signed by said signature 
means to an information processor which transmitted said license request. 

[Claim 14]Contents specific information for being a program which makes a computer 
perform processing processing which publishes a license to which use of contents is 
permitted, and specifying said contents a utilization permission is carried out by the 
license concerned of, A step which memorizes said license including terminal 
identification information which identifies an information processor, A step which 
receives a license request containing license identification information which was 
transmitted from an information processor, and which identifies a license, A step 
which extracts said license corresponding to said license identification information 
contained in said license request from said license memory measure, A step which 
adds said terminal identification information to said license extracted by said 
extraction means, A step which adds an electronic signature to a license to which 
terminal identification information was added by said processing means using a secret 
key of a license server, A program which makes a computer perform a step which 
transmits a license signed by said signature means to an information processor which 
transmitted said license request. 



DETAILED DESCRIPTION 



[Detailed Description of the Invention] 
[0001] 

[Field of the Invention]This invention about an information processor and a method, a 
license server, and a program, The contents which have not been licensed in particular 



from an owner of a copyright are copied unjustly, and are related with the information 
processor and the method, license server, and program which enabled it to prevent 
being used. 
[0002] 

[Description of the Prior Art]These days, as a user provides other users with the 
music data which he holds via the Internet and offers are received for the music data 
which he does not hold from other users, the system where two or more users 
exchange music data for nothing and which they suit is realized. 

[0003]If the contents of one music and others exist theoretically, in order that other 
users of all the may be enabled to use it and many users may not purchase contents 
in such a system, Since the owner of a copyright about contents cannot sell the 
contents as works, he will lose an opportunity to receive the loyalty about use of the 
works which can originally be received with sale of works. 
[0004] 

[Problem(s) to be Solved by the Invention]Then, it is requested socially that it should 

prevent being used unjustly, without barring circulation of contents. 

[0005]This invention is made in view of such a situation, and it enables it to prevent 

contents from being used unjustly certainly. 

[0006] 

[Means for Solving the Problem]License specific information for specifying a license 
required in order that an information processor of this invention may carry out the 
utilization permission of the contents, A content storing means which memorizes 
contents including enciphered contents data and key information required in order to 
decode contents data, A license memory measure which memorizes a license 
containing contents specific information for specifying contents by which a utilization 
permission is carried out, A judging means which judges whether a license which can 
carry out the utilization permission of the contents is memorized by license memory 
measure, It has a decoding means which decodes contents data of contents on 
condition that it was judged that a license was memorized by a judging means. 
[0007]A transmitting means which transmits a license request containing license 
identification information for an information processor to identify a license to a license 
server further, It has a reception means which receives a license transmitted by 
license server, and a license received by a reception means can be memorized by 
license memory measure. 

[0008]Contents data is the data which combined text data, image data, voice data, a 
video data, or them, and can be further provided with a reproduction means which 
reproduces contents data decoded by decoding means. 

[0009]Key information contains EKB (Enabling Key Block), An information processor is 
provided with a device node key memory measure which memorizes a device node key 
further, The decoding means can decode contents data enciphered using a route key 



by which decoding processing might be carried out in EKB (EnablingKey Block) using a 
device node key memorized by device node key memory measure. 
[0010]Key information contains a contents key further enciphered by route key of 
EKB (Enabling Key Block), Contents data is enciphered by contents key, A decoding 
means contents data enciphered using a contents key decoded using a route key by 
which decoding processing might be carried out in EKB (Enabling Key Block) using a 
device node key memorized by device node key memory measure. It can decode. 
[0011]The license can include service-condition information which shows further a 
service condition of contents which become available according to the license. 
[0012]The license can include further an electronic signature made with a secret key 
of a license server. 

[001 3] An information processor is provided with a terminal-identification-information 
memory measure which memorizes terminal identification information which identifies 
an information processor further, Further a license with which a license request was 
further received by a reception means including terminal identification information 
memorized by terminal-identification-information memory measure including terminal 
identification information a judging means, Terminal identification information included 
in a license is compared with terminal identification information memorized by 
terminal-identification-information memory measure, when both are in agreement, it 
restricts, and it can judge that the license is a license to which use of contents is 
permissible. 

[001 4] License specific information for an information processing method of this 
invention to specify a license which carries out the utilization permission of the 
contents, Enciphered contents data and key information required in order to decode 
contents data, A step which memorizes a step which memorizes ****** contents, and 
a license containing contents specific information for specifying contents by which a 
utilization permission is carried out, A step which judges whether a license which can 
carry out the utilization permission of the contents is memorized by license memory 
measure, A step which decodes contents data of contents on condition that it was 
judged that a license was memorized by a judging means is included. 
[0015]License specific information for a program of this invention to specify a license 
which carries out the utilization permission of the contents, Enciphered contents data 
and key information required in order to decode contents data, A step which 
memorizes a step which memorizes ****** contents, and a license containing 
contents specific information for specifying contents by which a utilization permission 
is carried out, A step which judges whether a license which can carry out the 
utilization permission of the contents is memorized by license memory measure, A 
computer is made to perform a step which decodes contents data of contents on 
condition that it was judged that a license was memorized by a judging means. 
[001 6]A program or its part can be enciphered. 



[0017]Since contents permitted are specified, this invention is characterized by a 
license server comprising the following. 
Contents specific information. 

A license memory measure which memorizes a license including terminal identification 
information which identifies an information processor. 

A reception means which receives a license request containing license identification 
information which was transmitted from an information processor, and which identifies 
a license. 

An extraction means to extract a license corresponding to license identification 
information contained in a license request from a license memory measure, A 
processing means to add terminal identification information to a license extracted by 
an extraction means, A signature means which adds an electronic signature to a 
license to which terminal identification information was added by a processing means 
using a secret key of a license server, and a transmitting means which transmits a 
license signed by a signature means to an information processor which transmitted a 
license request. 

[0018]Since contents by which a utilization permission is carried out are specified, 
this invention is characterized by an information processing method comprising the 
following. 

Contents specific information. 

A step which memorizes a license including terminal identification information which 
identifies an information processor. 

A step which receives a license request containing license identification information 
which was transmitted from an information processor, and which identifies a license. 
A step which extracts a license corresponding to license identification information 
contained in a license request from a license memory measure, A step which adds 
terminal identification information to a license extracted by an extraction means, A 
step which adds an electronic signature to a license to which terminal identification 
information was added by a processing means using a secret key of a license server, 
and a step which transmits a license signed by a signature means to an information 
processor which transmitted a license request. 

[0019]In an information processor of this invention, an information processing method, 
and a program, on condition that a license is held, contents are decoded, and it is 
made available. 

[0020]In a license server of this invention, and an information processing method, an 

effective license is published only with a specific information processor. 

[0021] 

[Embodiment of the Invention] Drawing 1 shows the composition of the contents 



providing system which applied this invention. Client 1-1,1-2 (hereafter, when these 
clients do not need to be distinguished separately, the client 1 is only called) is 
connected to the Internet 2. In this example, although two clients are shown, the 
client of the arbitrary number is connected to the Internet 2. 

[0022]On the Internet 2. When the contents server 3 which provides contents to the 
client 1, the license server 4 which gives a license required to use the contents which 
the contents server 3 provides to the client 1, and the client 1 receive a license, The 
fee collection server 5 which performs accounting to the client 1 is connected. 
[0023]These contents servers 3, the license server 4, and the fee collection server 5 
are also connected to the arbitrary number and the Internet 2. 
[0024] Drawing 2 expresses the composition of the client 1. 

[0025]In drawing 2 , CPU(CentralProcessing Unit) 21, Various kinds of processings are 
performed according to the program memorized by ROM(Read Only Memory) 22 or 
the program loaded to RAM(Random Access Memory) 23 from the storage parts store 
28. the timer 20 — a time check — it operates and time information is supplied to 
CPU21. To RAM23, CPU21 performs various kinds of processings again, and also 
required data etc. are memorized suitably. 

[0026]The encryption decoding part 24 performs processing which decodes the 
already enciphered contents data while enciphering contents data. The codec part 25 
encodes contents data by ATRAC(Adaptive Transform Acoustic Coding)3 method 
etc., for example, It is made to supply and record on the semiconductor memory 44 
connected to the drive 30 via the input/output interface 32. Or the codec part 25 
decodes the data which was read from the semiconductor memory 44 via the drive 30 
and which is encoded again. 

[0027]The semiconductor memory 44 is constituted by the memory stick (trademark) 
etc., for example. 

[0028]CPU21, ROM22, RAM23, the encryption decoding part 24, and the codec part 
25 are mutually connected via the bus 31. The input/output interface 32 is also 
connected to this bus 31 again. 

[0029]The input part 26, CRT which become the input/output interface 32 from a 
keyboard, a mouse, etc., The communications department 29 which comprises the 
storage parts store 28, a modem, a terminal adopter, etc. which comprise the 
outputting part 27 which consists of a display which consists of LCD etc., a 
loudspeaker, etc., a hard disk, etc. is connected. The communications department 29 
performs the communications processing through the Internet 2. The communications 
department 29 performs the communications processing of an analog signal or a 
digital signal among other clients again. 

[0030]The drive 30 is connected to the input/output interface 32 again if needed, It is 
suitably equipped with the magnetic disk 41, the optical disc 42, the magneto-optical 
disc 43, or the semiconductor memory 44, and the computer program read from them 



is installed in the storage parts store 28 if needed. 

[0031] Although a graphic display is omitted, the contents server 3, the license server 
4, and the fee collection server 5 are also constituted by the client 1 shown in drawing 
2, and the computer which has the same composition fundamentally. Then, in the 
following explanation, the composition of drawing 2 is quoted also as composition of 
the contents server 3, the license server 4, the fee collection server 5, etc. 
[0032]Next, with reference to the flow chart of drawing 3 , the client 1 explains the 
processing which receives offer of contents from the contents server 3. 
[0033]When a user orders it access to the contents server 3 by operating the input 
part 26, CPU21 controls the communications department 29 and he makes it access 
the contents server 3 via the Internet 2 in Step S1. In Step S2, a user operates the 
input part 26, and if the contents which receive offer are specified, CPU21 will receive 
this specification information and will notify the contents specified as the contents 
server 3 via the Internet 2 from the communications department 29. The contents 
server 3 which received this notice so that it may mention later with reference to the 
flow chart of drawing 4 , Since the enciphered contents data is transmitted, in Step S3 
CPU21, If this contents data is received via the communications department 29, that 
contents data enciphered will be supplied and stored in the hard disk which 
constitutes the storage parts store 28 in step S4. 

[0034]Next, with reference to the flow chart of drawing 4 , contents offer processing of 
the contents server 3 corresponding to the above processing of the client 1 is 
explained. In the following explanation, the composition of the client 1 of drawing 2 is 
quoted also as composition of the contents server 3. 

[0035]In Step S21, CPU21 of the contents server 3, It stands by until it receives 
access from the Internet 2 from the client 1 via the communications department 29, 
and when it judges with having received access, it progresses to Step S22 and the 
information which specifies the contents transmitted from the client 1 is incorporated. 
The information which specifies these contents is information which the client 1 has 
notified in Step S2 of drawing 3 . 

[0036]In Step S23, CPU21 of the contents server 3 reads the contents specified for 
the information incorporated by processing of Step S22 out of the contents data 
memorized by the storage parts store 28. CPU21 supplies the contents data read 
from the storage parts store 28 to the encryption decoding part 24, and makes it 
encipher in Step S24 using the contents key Kc. 

[0037]Since the contents data memorized by the storage parts store 28 is already 
encoded by the codec part 25 with ATRAC3 method, this contents data encoded will 
be enciphered. 

[0038]Of course, the storage parts store 28 can be made to memorize contents data 
in the state where it enciphered beforehand. In this case, processing of Step S24 can 
be omitted. 



[0039]Next, in Step S25 CPU21 of the contents server 3, Key information (EKB and 
K EKBC (Kc) which are later mentioned with reference to drawing 5 ) required to decode 
the contents enciphered by the header which constitutes the format which transmits 
the enciphered contents data, License ID for identifying a license required to use 
contents is added. And in Step S26 CPU21 of the contents server 3, The data which 
formatted the key and the header which added license ID is transmitted to the 
accessed client 1 via the Internet 2 from the communications department 29 at the 
contents enciphered by processing of Step S24, and processing of Step S25. 
[0040] Drawing 5 is carried out in this way, and expresses the composition of the 
format in case contents are supplied to the client 1 from the contents server 3. This 
format is constituted by header (Header) and the data (Data) as shown in the figure. 
[0041 ]In a header, contents information (Content information), 
Digital-rights-management information (DRM (Digital Right Management) information), 
license ID (License ID) and an INEBU ring key block (validation key blocks) (EKB 
(EnablingKey Block)) — and, Data K EKBC (Kc) as the contents key Kc enciphered using 
ke y K EKBC generated from EKB is arranged. EKB is later mentioned with reference to 
drawing 15 . 

[0042]Information, including the method etc. of the content ID (CID) as identification 
information for identifying the contents data by which formatting is carried out as data, 
and the codec of the contents, is included in contents information. 
[0043]The rule and state (Usagerules/status) which use contents for 
digital-rights-management information, and URL (Uniform Resource Locator) are 
arranged. The reproduction frequency of contents, copy frequency, etc. are described 
by a use rule and the state, for example. 

[0044]URL is address information accessed when acquiring the license specified by 
license ID, and is an address of the license server 4 specifically required in the case of 
the system of drawing 1 , since it is licensed. License ID identifies the license needed 
when using the contents currently recorded as data. 

[0045]Data is constituted by arbitrary numbers of encryption blocks (Encryption 
Block). Each encryption block is constituted by an initial vector (IV (Initial Vector)), 
the seed (Seed), and data E Kc (data) that enciphered contents data by key K'c. 
[0046]Key K'c is constituted by the value calculated to the hash function with the 
application of the value Seed set to the contents key Kc by random numbers as 
shown in a following formula. 

[0047]K'c=Hash(Kc, Seed)[0048]The initial vector IV and the seed Seed are set as a 
different value for every encryption block. 

[0049]The data of contents is classified per 8 bytes and this encryption is performed 
every 8 bytes. 8 bytes of latter encryption is performed in the CBC (Cipher Block 
Chaining) mode performed using the result of 8 bytes of encryption of the preceding 
paragraph. 



[0050]Since 8 bytes of encryption result of the preceding paragraph does not exist 
when enciphering 8 bytes of first contents data in the case of the CBC mode, when 
enciphering 8 bytes of first contents data, encryption is performed by making the 
initial vector IV into an initial value. 

[0051]By performing encryption by this CBC mode, even if one encryption block is 
decoded, it is controlled that that influence attains to other encryption blocks. 
[0052]About this encryption, drawing 46 is made reference and explained in full detail 
behind. 

[0053]About a cipher system, it does not restrict to this. 

[0054]The client 1 is no charge about the contents server 3 to contents as mentioned 
above, and it can acquire freely. Therefore, the contents themselves become possible 
[ distributing ] in large quantities. 

[0055] However, each client 1 needs to hold the license, when using the acquired 
contents. Then, with reference to drawing 6 , processing in case the client 1 
reproduces contents is explained. 

[0056]In Step S41, CPU21 of the client 1 acquires the identification information (CID) 
of the contents to which it pointed because a user operates the input part 26. This 
identification information is constituted by the title of contents, the number given for 
each [ which is memorized ] contents of every, etc., for example. 

[0057]And CPU21 will read license ID (ID of a license required to use the contents) 
corresponding to the contents, if contents are directed. This license ID is described 
by the header of the contents data enciphered as shown in drawing 5 . 
[0058]Next, it is judged whether it progresses to Step S42, and the license 
corresponding to license ID read at Step S41 is already acquired by the client 1, and 
CPU21 is memorized by the storage parts store 28. When the license is not acquired, 
it progresses to Step S43 and CPU21 still performs license acquisition processing. 
The details of this license acquisition processing are later mentioned with reference 
to the flow chart of drawing 7 . 

[0059]When judged with the license already being acquired in Step S42, Or in Step 
S43, as a result of performing license acquisition processing, when a license is 
acquired, it progresses to Step S44 and it is judged whether the license from which 
CPU21 is acquired is a thing within the term of validity. It is judged by comparing with 
the term (refer to drawing 8 mentioned later) specified as contents of the license, and 
the present date clocked by the timer 20 whether a license is a thing within the term 
of validity. When judged with the term of validity of a license having already expired, it 
progresses to Step S45 and CPU21 performs a license update process. The details of 
this license update process are later mentioned with reference to the flow chart of 
drawing 10 . 

[0060]When judged with a license being still within the term of validity in Step S44, Or 
when a license is updated, it progresses to Step S46, and CPU21 reads the contents 



data enciphered from the storage parts store 28, and is made to store it in RAM23 in 
Step S45. And it is the encryption block unit arranged at the data of drawing 5 , the 
data of the encryption block memorized by RAM23 is supplied to the encryption 
decoding part 24, and CPU21 makes it decode in Step S47 using the contents key Kc. 
[0061] Although the example of the method of obtaining the contents key Kc is later 
mentioned with reference to drawing 15 , Key K EKBC contained in EKB ( drawing 5 ) can 
be obtained using a device node key (DNK) ( drawing 8 ), and the contents key Kc can 
be obtained from data K EKBC (Kc) and ( drawing 5 ) using the key K EKBC . 
[0062]CPU21 supplies the contents data decoded by the encryption decoding part 24 
to the codec part 25, and makes it decode in Step S48 further. And from the 
input/output interface 32, CPU21 supplies the data decoded by the codec part 25 to 
the outputting part 27, carries out D/A conversion, and makes it output from a 
loudspeaker. 

[0063]Next, with reference to the flow chart of drawing 7 , the details of the license 
acquisition processing performed at Step S43 of drawing 6 are explained. 
[0064]The client 1 acquires the service information containing the pair of the leaves 
ID and DNK (Device Node Key), and the secret key and public key of the client 1, the 
public key of a license server, and the certificate of each public key by registering with 
a license server a priori. 

[0065]Leaf ID is a device node key required to express the identification information 
assigned for every client, and for DNK decode the contents key Kc which is contained 
in EKB (validation key blocks) corresponding to the license and which is enciphered 
(with reference to drawing 12 , it mentions later). 

[0066]In Step S61, CPU21 acquires first URL corresponding to license ID made into 
the processing object now from the header shown in drawing 5 . As mentioned above, 
this URL is an address which should be accessed when acquiring the license 
corresponding to license ID too described by the header. Then, in Step S62, CPU21 
accesses URL acquired at Step S61. Specifically, access is performed to the license 
server 4 by the communications department 29 via the Internet 2. At this time, the 
license server 4 requires the input of the license specification information that the 
license (license required to use contents) to purchase is specified and user ID, and a 
password, from the client 1 (Step S102 of drawing 9 mentioned later). CPU21 displays 
this demand on the indicator of the outputting part 27. Based on this display, a user 
operates the input part 26 and enters license specification information, user ID, and a 
password. The user of the client 1 accesses the license server 4 via the Internet 2, 
and acquires this user ID and password a priori. 

[0067]ln Step S63 and S64, CPU21 incorporates user ID and a password while 
incorporating the license identification information inputted from the input part 26. 
CPU21 makes the license request which controls the communications department 29 
and contains the inputted user ID and leaf ID contained in license specification 



information and service information (it mentions later) in a password transmit to the 
license server 4 via the Internet 2 in Step S65. 

[0068]the license server 4 is based on user ID, a password, and license specification 
information so that it may mention later with reference to drawing 9 — a license — 
transmitting (Step S109) — or a license is not transmitted when conditions are not 
fulfilled (Step S112). 

[0069]When it judges whether the license has been transmitted from the license 
server 4 and the license has been transmitted, it progresses to Step S67, and CPU21 
supplies the license to the storage parts store 28, and makes it memorize in Step S66. 
[0070]In Step S66, when it judges with a license not being transmitted, it progresses 
to Step S68 and CPU21 performs error handling. Since the license for using contents 
is not acquired, specifically, CPU21 forbids regeneration of contents. 
[0071 ]It becomes possible to use the contents only after acquiring the license 
corresponding to license ID to which each client 1 accompanies contents data as 
mentioned above. 

[0072]License acquisition processing of drawing 7 can also be beforehand carried out, 
before each user acquires contents. 

[0073]The license with which the client 1 is provided contains a service condition and 
leaf ID ****, for example, as shown in drawing 8 . 

[0074]The expiration date which can use contents for a service condition based on 
the license, The download term which can download contents based on the license, 
The number of times which can copy contents based on the license (copy frequency 
allowed), Based on the number of times of check-out, the number of times of the 
maximum check-out, and its license, The information which shows the number of 
times which can copy contents to a right recordable on CD-R and PD (Portable 
Device), the right that a license can be shifted to ownership (acquisition state), duty 
to take a use log, etc. is included. 

[0075]Next, with reference to the flow chart of drawing 9 , license offer processing of 
the license server 4 performed corresponding to the license acquisition processing of 
the client 1 of drawing 7 is explained. The composition of the client 1 of drawing 2 is 
quoted as composition of the license server 4 also in this case. 

[0076]In Step S101, CPU21 of the license server 4, When it stands by until it received 
access from the client 1, and access is received, transmission of user ID, a password, 
and license specification information is required from the client 1 which has 
progressed and accessed Step S102. As it mentioned above, by processing of Step 
S65 of drawing 7 from the client 1. When user ID, a password and leaf ID, and license 
specification information (license ID) have been transmitted, CPU21 of the license 
server 4 performs processing which receives and incorporates this via the 
communications department 29. 

[0077]And in Step S103, CPU21 of the license server 4 accesses the fee collection 



server 5 from the communications department 29, and requires the crediting process 
of the user corresponding to user ID and a password. If the demand of a crediting 
process is received from the license server 4 via the Internet 2, the fee collection 
server 5, The payment history of the past of the user corresponding to the user ID 
and password, etc. are investigated, When the credit result which permits grant of a 
license when it investigates whether there is any track record of the nonpayment of 
the remuneration of the user's license in the past and there is no such track record is 
transmitted and there are a track record of nonpayment, etc., the credit result of the 
disapproval of license granting is transmitted. 

[0078]In Step S104, CPU21 of the license server 4, When it judges whether the credit 
result from the fee collection server 5 is a credit result which permits giving a license 
and grant of the license is permitted, It progresses to Step S105 and the license 
corresponding to the license specification information incorporated by processing of 
Step S102 is taken out out of the license memorized by the storage parts store 28. As 
for the license memorized by the storage parts store 28, information, including license 
ID, a version, the date and time of creation, the term of validity, etc., is described 
beforehand. In Step S106, CPU21 adds leaf ID which received with the license. In Step 
S107, CPU21 chooses the service condition matched with the license selected at 
Step S105. Or by processing of Step S102, when a service condition is specified from 
a user, the service condition is added to the service condition currently prepared 
beforehand again if needed. CPU21 adds the selected service condition to a license. 
[0079]In Step S108, CPU21 signs a license with the secret key of a license server, 
and, thereby, the license of composition as shown in drawing 8 is generated. 
[0080]Next, it progresses to Step S109 and CPU21 of the license server 4 makes the 
license (it has the composition shown in drawing 8 ) transmit to the client 1 via the 
Internet 2 from the communications department 29. 

[0081]CPU21 of the license server 4 makes the storage parts store 28 memorize the 
license (a service condition and leaf ID are included) which is processing of Step S109 
and transmitted now in Step S110 corresponding to the user ID and the password 
which were incorporated by processing of Step S102. In Step S1 1 1, CPU21 performs 
accounting. Specifically, CPU21 requires the accounting to the user corresponding to 
the user ID and password of the fee collection server 5 from the communications 
department 29. The fee collection server 5 performs accounting to that user based on 
the demand of this fee collection. It can be licensed, even if that user demands grant 
of a license henceforth when that user does not make payment to this accounting as 
mentioned above. 

[0082]That is, since the credit result which makes grant of a license disapproval from 
the fee collection server 5 is transmitted in this case, it progresses to Step S1 12 from 
Step S104, and CPU21 performs error handling. CPU21 of the license server 4 
outputs the message of the purport that a license cannot be given, to the client 1 



which controlled the communications department 29 and has accessed it, and, 
specifically, terminates processing. 

[0083]In this case, since that client 1 cannot be licensed as mentioned above, using 
those contents (decode a code) can be performed. 

[0084] Drawing 10 expresses the details of the license update process in Step S45 of 
drawing 6 . Processing of Step S131 of drawing 10 thru/or Step S135 is the 
fundamentally same processing as processing of Step S61 of drawing 7 thru/or Step 
S65. However, in Step S133, CPU21 incorporates license ID of the license instead of 
the license to purchase to update. And in Step S135, CPU21 transmits user ID and 
license ID of the license updated with a password to the license server 4. 
[0085]Corresponding to transmitting processing of Step S135, the license server 4 
presents a service condition so that it may mention later (Step S153 of drawing 1 1 ). 
Then, in Step S136, CPU21 of the client 1 receives presentation of the service 
condition from the license server 4, outputs this to the outputting part 27, and 
displays it. A user operates the input part 26, chooses a predetermined service 
condition out of this service condition, or newly adds a predetermined service 
condition. CPU21 transmits the application for purchasing the service condition 
(conditions which update a license) selected as mentioned above to the license server 
4 at Step S137. Corresponding to this application, the license server 4 transmits a 
final service condition so that it may mention later (Step S154 of drawing 1 1 ). Then, in 
Step S138, CPU21 of the client 1 acquires the service condition from the license 
server 4, and updates the service condition in Step S139 as a service condition of the 
corresponding license already memorized by the storage parts store 28. 
[0086] Drawing 1 1 expresses the license update process which the license server 4 
performs corresponding to the license update process of the above client 1. 
[0087]First, in Step S151, in Step S152, CPU21 of the license server 4 will receive the 
license specification information which the client 1 transmitted at Step S135 with 
license update request information, if access from the client 1 is received. 
[0088]In Step S153, if the update request of a license is received, CPU21 will read the 
service condition (service condition to update) corresponding to the license from the 
storage parts store 28, and will transmit to the client 1. 

[0089]In [ if it applies for the purchase of a service condition from the client 1 by 
processing of Step S137 of drawing 1 0 to this presentation as mentioned above ] Step 
S154, CPU21 of the license server 4 generates the data corresponding to the service 
condition for which it applied, and transmits to a client and 1 in Step S154. The client 
1 updates the service condition of the already registered license using the service 
condition received by processing of Step S139, as mentioned above. 
[0090]In this invention, as shown in drawing 12 , the key of a device and a license is 
managed based on the principle of a broadcasting yne KURIPUSHON (Broadcast 
Encryption) method. A key is made into a hierarchy tree structure and leaf (leaf) of 



the bottom corresponds to the key of each device. In the case of the example of 
drawing 12 , 16 devices from the number 0 to the number 15 or the key corresponding 
to a license is generated. 

[0091]Each key is specified corresponding to each node of the tree structure shown 
by a figure Nakamaru seal. In the keys K00 thru/or K1 1 , in this example, the key K000 
thru/or the key K1 1 1 correspond [ corresponding to the root node of the highest rung 
/ the route key KR / the key KO and K1 ] corresponding to the node of the 4th step 
corresponding to the 3rd step of node, respectively corresponding to the 2nd step of 
node. And the keys K0000 thru/or K1 1 1 1 support the leaf (device node) as a node of 
the bottom, respectively. 

[0092]Since it is considered as the layered structure, the key of the higher rank of the 
key K001 0 and the key 001 1 is set to K001 , and the key of the higher rank of the key 
K000 and the key K001 is set to K00, for example. Like the following, the key of the 
higher rank of the key K00 and the key K01 is set to KO, and the key of the higher rank 
of the key KO and the key K1 is set to KR. 

[0093]The key using contents is managed by the key corresponding to each node of 
one path from the device node (leaf) of the bottom to the root node of the highest 
rung. For example, based on the license corresponding to the node (leaf ID) of the 
number 3, the key using contents is managed by each key of the path containing the 
key K0011, K001, K00, KO, and KR. 

[0094]In the system of this invention, as shown in drawing 13 , it is a keying system 
constituted based on the principle of drawing 12 , and management of the key of a 
device and the key of a license is performed. In the example of drawing 13 , 8+24+32 
steps of nodes are made into a tree structure, and a category corresponds to each 
node from a root node to eight steps of a low rank. The category in here means 
categories, such as a category of the apparatus which uses semiconductor memory, 
such as a memory stick, for example, and a category of apparatus which receives 
digital broadcasting. And this system (T system is called) corresponds to one node in 
this category node as a system which manages a license. 

[0095]That is, a license corresponds by the key corresponding to 24 steps of a 
younger hierarchy's nodes further from the node of this T system. In the case of this 
example, thereby, the license of 2 24 (about 16 mega) can be specified. 32 steps of 
lower hierarchies can prescribe the user (or client 1) of 2 32 (about 4 giga). The key 
corresponding to 32 steps of nodes of the bottom constitutes DNK (Device Node Key), 
and ID corresponding to the leaf of the bottom is set to leaf ID. 

[0096]Each device and the key of a license correspond to one of the paths which 
comprise each node of 64 (=8+24+32) stages. For example, the contents key which 
enciphered contents is enciphered using the key corresponding to the node which 
constitutes the path assigned to the corresponding license. It is enciphered using the 
key of the hierarchy of the latest low rank, and the key of the hierarchy of a higher 



rank is arranged in EKB (with reference to drawing 15 , it mentions later). DNK of the 
bottom is not arranged in EKB, but is described by service information, and is given to 
a user's client 1 . the client 1 is described in EKB using the key which decoded the key 
of the hierarchy of the latest higher rank described in EKB ( drawing 15 ) distributed 
with contents data using DNK described by the license, and decoded and obtained it 
— the key of the hierarchy on it is decoded to a pan. By performing the above 
processing one by one, the client 1 can obtain all the keys belonging to the path of the 
license. 

[0097]The concrete example of a classification of the category of a hierarchy tree 
structure is shown in drawing 14 . In drawing 14 , route key KR2301 is set to the highest 
rung of a hierarchy tree structure, the node key 2302 is set to the following 
intermediate stages, and the leaf key 2303 is set to the bottom. Each device holds 
each leaf key, and a series of node keys from a leaf key to a route key and a route key. 
[0098]The predetermined node of the Mth step (the example of drawing 13 M= 8) is 
set up as the category node 2304 from the highest rung. That is, let each of the node 
of the Mth step be a device setting-out node of a specific category. Let M+1 or less 
step of node, and a leaf be the node and leaf about the device contained in the 
category by making one node of the Mth step into the peak. 

[0099]For example, a category [memory stick (trademark)] is set to the one node 
2305 of the Mth step of drawing 14 , and the node which stands in a row below in this 
node, and a leaf are set up as the node or leaf only for a category containing various 
devices which use memo RISUTEIIKU. That is, 2305 or less node is defined as the 
related node of the device defined as the category of a memory stick, and a set of a 
leaf. 

[0100]The low-ranking stage can be set up as the subcategory node 2306 by several 
steps from M stage. In the example of drawing 14 , the node 2306 of [the vessel only 
for reproduction] is set up as a subcategory node contained in the category of the 
device which uses a memory stick for the node under two steps of the category 
[memory stick] node 2305. To 2306 or less node of the vessel only for reproduction 
which is a subcategory node. The node 2307 of the telephone with a music 
reproduction function included in the category of the vessel only for playback is set 
up, and the [PHS] node 2308 contained in the low rank at the category of a telephone 
with a music reproduction function and the [cellular-phone] node 2309 are set up 
further. 

[0101]A category and a subcategory only not only in the kind of device, for example A 
certain maker, It is possible to set up in arbitrary units (these are generically called an 
entity hereafter), such as the node which a content provider, a 
settlement-of-accounts organization, etc. manage uniquely, i.e., a batch, a jurisdiction 
unit, or a providing service unit. For example, if one category node is set up as a peak 
node only for game machine machine XYZ which a game machine machine maker sells, 



In the game machine machine XYZ which a maker sells, the node key of the lower 
berth below the peak node, Store, become a leaf key possible to sell and Distribution 
of after that and enciphered content, Or the validation key blocks (EKB) constituted 
by the node key below the peak node key and the leaf key in distribution of various 
keys and an update process are generated and distributed, and distribution of 
available data is attained only to the device below a peak node. 

[0102]Thus, by considering the following nodes as the category defined as the peak 
node, or the composition set up as a related node of a subcategory by making one 
node into the peak, The maker which manages one peak node of the category stage or 
the subcategory stage, a content provider, etc. generate uniquely the validation key 
blocks (EKB) which make the node the peak, The composition distributed to the 
device belonging to below a peak node is attained, and renewal of a key can be 
performed, without affecting at all the device belonging to the node of other 
categories which do not belong to a peak node. 

[0103]For example, in the tree structure shown in drawing 12 , the four devices 0, 1, 2, 
and 3 contained in one group hold the key K00 common as a node key, K0, and KR. By 
using this node key share composition, it becomes possible to provide only the 
devices 0, 1, 2, and 3 with a common contents key. For example, if node key K00 the 
very thing held in common is set up as a contents key, setting out of a contents key 
only with the common devices 0, 1,2, and 3 is possible, without performing new key 
sending. If the value Enc (K00, Kcon) which enciphered the new contents key Kcon by 
the node key K00 is stored in a recording medium via a network and distributed to the 
devices 0, 1 , 2, and 3, Only the devices 0, 1,2, and 3 become possible [ solving the 
code Enc (K00 Kcon) using the share node key K00 held in each device, and obtaining 
the contents key Kcon ]. It is shown that Enc (Ka, Kb) is the data which enciphered Kb 
by Ka. 

[0104]When it is revealed in t at a certain time that the key K001 1 which the device 3 
owns, K001, K00, K0, and KR were analyzed by the aggressor (hacker), and it was 
exposed of KR, After it, in order to protect the data transmitted and received by a 
system (group of the devices 0, 1,2, and 3), it is necessary to separate the device 3 
from a system, for that purpose — a node key — K — 001 — K — 00 — K — zero — 
KR — respectively — being new — a key — K — ( — t — ) — 001 — K — ( — t — ) — 
00 — K — ( — t — ) — zero — K — ( — t — ) — R — updating — a device — zero — 
one — two — the — updating — a key — it is necessary to tell . Here, it is shown 
that K(t) aaa is an updating key of the generation (Generation) t of the key Kaaa. 
[0105]distribution **** of an updating key — it ****** just. The renewal of a key the 
table constituted by the block data called the validation key blocks (EKB:Enabling Key 
Block) shown in drawing 15 A, for example via a network, Or it performs by storing in a 
recording medium and supplying the devices 0, 1, and 2. Validation key blocks (EKB) 
are constituted by the cryptographic key for distributing the key newly updated by the 



device corresponding to each leaf (node of the bottom) which constitutes a tree 
structure as shown in drawing 12 . Validation key blocks (EKB) may be called the 
renewal block of a key (KRB:Key Renewal Block). 

[0106]The validation key blocks (EKB) shown in drawing 15 A are constituted as block 
data with the data configuration which can update only the required device of renewal 
of a node key. In the devices 0, 1 , and 2 in the tree structure shown in drawing 1 2 t the 
example of drawing 15 A is the block data formed for the purpose of distributing the 
generation's t updating node key. drawing 12 — from — being clear — as — a device 

— zero — a device — one — updating — a node key — ****** — K — ( — t — ) — 
00 — K — ( — t — ) — zero — K — ( — t — ) — R — required — a device — two — 
updating — a node key — ****** — K — (— t — ) — 001 — K — (— t — ) — 00 ~ 
K — ( — t — ) — zero — K — ( — t — ) — R — being required . 

[0107]As shown in EKB of drawing 15 A, two or more cryptographic keys are 
contained in EKB. The cryptographic key of the bottom of drawing 1 5 A is Enc (K0010, 
K(t)001). this — a device — two — having — a leaf key — K — 0010 — enciphering 

— having had — updating — a node key — K — ( — t — ) — 001 — it is — a device 

— two — self — having — a leaf key — K — 0010 — this — a cryptographic key — 
decoding — updating — a node key — K — ( — t — ) — 001 — it can obtain . using 
updating node key K(t)001 obtained by decoding, decoding of the 2nd step of 
cryptographic key Enc (K — ( — t — ) — 001 — K — ( — t — ) — 00) is attained from 
under drawing 15 A, and updating node key K(t)00 can be obtained. 

[0108]One by one below by decoding the 2nd step of cryptographic key Enc (K (t) 00, 
K(t)0) from on drawing 1 5 A. Updating node key K (t) 0 is obtained and updating route 
key K(t) R is obtained from on drawing 15 A using this by decoding the 1st step of 
cryptographic key Enc (K(t) 0 and K (t) R). 

[0109]on the other hand — a node key — K — 000 — updating — an object — 
containing — not having — a node — zero — one — updating — a node key — 
****** — being required — a thing — K — ( — t — ) — 00 — K — ( — t — ) — zero 

— K — ( — t — ) — R — it is . The nodes 0 and 1 acquire updating node key K(t)00 
from on drawing 15 A using the debye skiing K0000 and K0001 by decoding the 3rd 
step of cryptographic key Enc (K000, K(t)00), below, one by one, updating node key 
K(t)0 is obtained by decoding the 2nd step of cryptographic key Enc (K — ( — t — ) — 
00 — K — ( — t — ) — 0) from on drawing 15 A, and updating route key K(t) R is 
obtained by decoding the 1st step of cryptographic key Enc (K(t) 0 and K (t) R) from 
on drawing 15 A. Thus, the devices 0, 1, and 2 can obtain updated key K(t) R. 
[0110]The index of drawing 15 A shows the actual address of the node key and leaf 
key which are used as a decryption key for decoding the cryptographic key on the 
right-hand side of a figure. 

[0111]When renewal of node key K(t) 0 and K (t) R of the upper stage of the tree 
structure shown in drawing 12 is unnecessary and the update process of only the 



node key K00 is required, By using the validation key blocks (EKB) of drawing 15 B, 
updating node key K(t)00 can be distributed to the devices 0, 1 , and 2. 
[01 12]EKB shown in drawing 1 5 B is available when distributing the new contents key 
shared, for example in a specific group. As an example, the recording medium with the 
devices 0, 1, 2, and 3 in the group who shows by a dotted line is used for drawing 12 , 
and suppose that new common contents key K(t) con is required, this — the time — a 
device — zero — one — two — three — being common — a node key — K — 00 — 
having updated — K — ( — t — ) — 00 — using — being new — being common — 
updating — a contents key — K — ( — t — ) — con — having enciphered — data — 
Enc (K (t) 00, K(t) con) — drawing 15 — B — being shown — having — EKB — 
distributing — having . By this distribution, the distribution as data of the device 4 etc. 
which other groups' apparatus cannot decode is attained. 

[01 13]That is, if the devices 0, 1, and 2 decode a cryptogram using key K(t)00 which 
processed and obtained EKB, it will become possible to obtain contents key K(t) con 
in t time. 

[01 14]As an example of processing which obtains contents key K(t) con in t time to 
drawing 16 , K (t) Processing of the device 0 which received the data Enc (K (t) 00, K(t) 
con) which enciphered new common contents key K(t) con using 00, and EKB shown 
in drawing 15 B via the recording medium is shown. That is, this example is an example 
which set the encryption message data based on EKB to contents key K(t) con. 
[0115]As shown in drawing 1 6 , the device 0 generates node key K(t)00 by same EKB 
processing with having mentioned above using EKB at the generation t time stored in 
the recording medium, and the node key K000 which he stores beforehand. Using 
updating node key K(t)00 decoded, the device 0 decodes updating contents key K(t) 
con, and in order to use it behind, by the leaf key K0000 which he has, it enciphers and 
it stores it. 

[01 16]The example of a format of validation key blocks (EKB) is shown in drawing 1 7 . 
The version 601 is an identifier which shows the version of validation key blocks (EKB). 
A version has the function to identify the newest EKB, and a function which shows a 
correspondence relation with contents. A depth shows the hierarchy number of the 
hierarchy tree to the device of the distribution destination of validation key blocks 
(EKB). The data pointer 603 is a pointer in which the position of the data division 606 
in validation key blocks (EKB) is shown, and is a pointer which the tag pointer 604 
shows the position of the tag part 607 to, and the signature pointer 605 shows the 
position of the signature 608. 

[0117]The data division 606 stores the data which enciphered the node key updated, 
for example. For example, each cryptographic key about the updated node key as 
shown in drawing 16 is stored. 

[0118]The tag part 607 is a tag in which the physical relationship of the node key and 
leaf key which were stored in the data division 606, and which were enciphered is 



shown. The grant rule of this tag is explained using drawing 18 . 

[01 19] Drawing 18 shows the example which sends the validation key blocks (EKB) 
previously explained by drawing 15 A as data. The data at this time comes to be 
shown in the table of drawing 18 B. Let the address of the top node contained in the 
cryptographic key at this time be a top node address. Since updating key K(t) R of the 
route key is contained in the case of this example, a top node address serves as KR. 
At this time, the data Enc (K(t) 0 and K (t) R) of the highest rung corresponds to the 
position P0 shown in the hierarchy tree shown in drawing 1 8 A, for example. The data 
of the following stage is Enc (K (t) 00, K(t)0), and corresponds to the position POO at 
the lower left of front data on a tree. When it sees from the position of a tree 
structure and data is in the bottom of it, 0 and when there is nothing, a tag is set as 1 
for a tag. A tag is set up as {a left (L) tag and a right (R) tag}. Since there is data in the 
position POO at the lower left of the position PO corresponding to the data Enc (K(t) 
0 and K (t) R) of the highest rung of drawing 18 B and there is no data in L tag =0 and 
the right, it is set to R tag -1 . Hereafter, a tag is set as all the data and the data row 
shown in drawing 1 8 C and a tag sequence are constituted. 

[0120]A tag is set up in order that the corresponding data Enc (Kxxx, Kyyy) may show 
where [ of a tree structure ] it is located, the key data Enc (Kxxx, Kyyy) stored in the 
data division 606 — although ... is only enumeration data of the key enciphered simply, 
distinction of the position on the tree of the cryptographic key stored as data with the 
tag mentioned above of it is attained. The node index to which encryption data was 
made to correspond is used like composition of that previous drawing 15 explained, 
without using the tag mentioned above, for example, it is 0:Enc (K(t) 0 and K (t) R). 
00:Enc(K(t)00,K(t)0 
000:Enc(K((t)000,K(t)00) 

Although it is also possible to consider it as a data configuration like if it has 
composition using such an index, in the distribution etc. which it becomes redundant 
data, and data volume increases, and pass a network, it is not desirable. On the other 
hand, distinction of a key position is attained with small data volume by using the tag 
mentioned above as index data in which a key position is shown. 

[01 21 ]It returns to drawing 17 and an EKB format is explained further. For example, 
the signature (Signature) 608 published validation key blocks (EKB), it is an electronic 
signature which a lock management center (license server 4), contents ROBAIDA 
(contents server 3), a settlement-of-accounts organization (fee collection server 5), 
etc. perform. It checks that the devices which received EKB are the validation key 
blocks (EKB) which the just validation key-blocks (EKB) publisher published by 
signature verification. 

[0122]When processing using the contents supplied from the contents server 3 is 
summarized based on the license supplied from the license server 4 as mentioned 
above, it comes to be shown in drawing 19 . 



[0123]That is, while contents are provided from the contents server 3 to the client 1, 
a license is supplied to the client 1 from the license server 4. Contents are enciphered 
by the contents key Kc (Enc (Kc, Content)), and the contents key Kc, It is added to 
the contents which were enciphered by the route key KR (it is a key obtained from 
EKB and corresponds to key K EKBC in drawing 5 ) (Enc (KR, Kc)), and were enciphered 
with EKB, and is provided for the client 1. 

[0124]As shown in drawing 20 , the route key KR enciphered by DNK is contained in 
EKB in the example of drawing 19 , for example (Enc (DNK, KR)). Therefore, the client 1 
can obtain the route key KR from EKB using DNK contained in service information. 
The contents key Kc can be decoded from Enc (KR, Kc) using the route key KR, and 
contents can be decoded from Enc (Kc, Content) using the contents key Kc. 
[0125]Thus, according to the principle explained with reference to drawing 12 and 
drawing 15 , RIBOKU (revoke) of each client 1 becomes possible by assigning DNK 
individually to the client 1. 

[0126]By adding and distributing license leaf ID, in the client 1, matching of service 
information and a license will be performed and it becomes possible to prevent the 
illegal copy of a license. 

[0127]lt also enables an end user to create the contents which can prevent an illegal 
copy by distributing the certificate and secret key for clients as service information 
using these. 

[0128]Use of a certificate and a secret key is later mentioned with reference to the 
flow chart of drawing 28 . 

[0129]In this invention, since T system which manages a license, and the category 
using various kinds of contents of a device are matched with a category node as 
explained with reference to drawing 13 , two or more DNK(s) can be given to the same 
device. As a result, it becomes possible to manage the contents of a different 
category with one device. 

[01 30] Drawing 21 expresses this relation. That is, based on T system, the license 
using the contents 1 to which DNK1 is assigned is recorded on the device D1. 
Similarly, the contents 2 to which DNK2 was assigned and which carried out ripping to 
the memory stick from CD are recordable on this device D1 , for example. In this case, 
the device D1 becomes possible [ treating simultaneously contents which are called 
the contents 1 and the contents 2 and which were distributed by a different system (T 
system and a device management system) ]. Such a thing cannot be performed, when 
assigning new DNK, and DNK already assigned is deleted and it is made to make only 
one DNK correspond to a device. 

[0131]By assigning the license category 1 and the license category 2 which are shown 
in drawing 22 at each of three square shapes each of 32 lower hierarchies, [ in / 
drawing 13 ] It becomes possible to classify the inside of the same category into small 
meetings, such as a genre of contents, a label, a store, and distribution service, and to 



manage it using a subcategory. 

[0132]In the example of drawing 22 , the license category 1 belongs to the genre of 
jazz, and the license category 2 belongs to the genre of a lock, for example. License ID 
makes the contents 1 and the contents 2 which are 1 correspond to the license 
category 1, and the user 1 thru/or the user 3 are supplied widely, respectively. The 
contents 3 of license ID2, the contents 4, and the contents 5 are contained, and the 
user 1 and the user 3 are provided with the license category 2, respectively. 
[0133]Thus, in this invention, the key management which became independent for 
every category becomes possible. 

[0134]DNK is beforehand embedded to neither apparatus nor media, but by the 
license server 4, when performing registration processing, the system which can 
purchase the key by a user can be realized by making it download to each apparatus 
or media. 

[0135]After it is created contents, even if what kind of usage is carried out, it is 
concerned with the usage, there are, and it is desirable in all the uses that it is usable. 
[ no ] For example, also in a different contents distribution service or the domain in 
which service conditions differ, it is desirable that the same contents can be used. In 
this invention, for this reason, as mentioned above, the certificate (certificates) of a 
secret key and the public key corresponding to it is distributed to each user (client 1) 
from the license server 4 as a certificate authority. Using the secret key, each user 
can create a signature (signature), can add to contents, and can guarantee genuine 
[ of contents ] (integrity), and can aim at prevention from an alteration of contents. 
[0136]The example of processing in this case is explained with reference to the flow 
chart of drawing 23 . Processing of drawing 23 explains the ripping processing a user 
makes the storage parts store 28 remember the data played from CD to be. 
[0137]First, in Step S171, CPU21 of the client 1 incorporates the regenerative data of 
CD inputted via the communications department 29 as record data. In Step S172, 
CPU21 judges whether the watermark is contained in the record data incorporated by 
processing of Step S171. This watermark is constituted by the copy management 
information (CCI) of a triplet, and the 1-bit trigger (Trigger), and is embedded in the 
data of contents. It progresses to Step S173 and CPU21 performs processing which 
extracts the watermark, when a watermark is detected. When a watermark does not 
exist, processing of Step S173 is skipped. 

[0138]Next, in Step S174, CPU21 creates the data of the header recorded 
corresponding to contents. The data of this header is constituted by URL showing the 
access point for acquiring content ID, license ID, and a license, and the watermark. 
[0139]Next, it progresses to Step S175 and CPU21 creates the digital signature based 
on the data of the header created by processing of Step S174 using its own secret 
key. This secret key is acquired from the license server 4 (Step S67 of drawing 7 ). 
[0140]CPU21 controls the encryption decoding part 24 by Step S176, and contents 



are made to encipher by a contents key. A contents key is simultaneously acquired, 
when contents are acquired ( drawing 5 or drawing 19 ). 

[0141]Next, for example, CPU21 makes data record on the magneto-optical disc 43 
constituted with a mini disc etc. in Step S177 based on a file format. 
[0142]When a recording medium is a mini disc, CPU21 supplies contents to the codec 
part 25, for example, makes contents code with ATRAC3 method in Step S176. And 
the coded data is further enciphered by the encryption decoding part 24. 
[0143] Drawing 24 expresses typically the state where contents were recorded on the 
recording medium as mentioned above. The watermark (WM) extracted from the 
contents (E (At3)) enciphered is recorded out of contents (header). 
[0144] Drawing 25 expresses the more detailed composition of the file format in the 
case of recording contents on a recording medium. In this example, content ID (CID), 
license ID (LID), URL and the header containing a watermark (WM) are recorded, and 
also. EKB, the data (Enc (KR, Kc)) which enciphered the contents key Kc by the route 
key KR, A certificate (Cert), the digital signature (Sig (Header)) generated based on 
the header, the data (Enc (Kc, Content)) which enciphered contents by the contents 
key Kc, the metadata (Meta Data), and the mark (Mark) are recorded. 
[01 45] Although the watermark is embedded to the inside of contents, As shown in 
drawing 24 and drawing 25 , the inside of contents is making it arrange in a header 
independently, and it becomes possible to detect the information currently embedded 
to contents as a watermark promptly and simply. Therefore, it can be judged promptly 
whether the contents can be copied. 

[01 46] Metadata expresses the data of a jacket, a photograph, words, etc., for example. 
A mark is later mentioned with reference to drawing 31 . 

[01 47] Drawing 26 expresses the example of the public key certification as a 
certificate. A public key certification is usually a certificate which the certificate 
authority (CA:Certificate Authority) in a public-key crypto system publishes, A 
certificate authority adds information, including the term of validity etc., to self ID, 
public key, etc. which the user submitted to the certificate authority, adds the digital 
signature by a certificate authority further to them, and is created. In this invention, 
since the license server 4 (or contents server 3) also publishes a certificate, a secret 
key, therefore a public key, the user can get this public key certification by providing 
the license server 4 with user ID, a password, etc., and performing registration 
processing. 

[0148]The consecutive numbers of the certificate in which the version number of a 
certificate and the license server 4 assign the public key certification in drawing 26 to 
the user (user) of a certificate, The algorithm used for the digital signature and a 
parameter, the name of a certificate authority (license server 4), the term of validity of 
a certificate, a certificate user's ID (node ID or leaf ID), and the certificate user's 
public key are contained as a message. The digital signature created by the license 



server 4 as a certificate authority is added to this message. This digital signature is 
the data generated using the secret key of the license server 4 based on the hash 
value generated with the application of the hash function to the message. 
[01 49]in the case of the example of drawing 12 , if node ID or leaf ID is the device 0, it 
will be set to "0000", if it comes out device 1 , it will be set to "0001 ", and if it is the 
device 15, it will be set to "11 11", for example. Based on such ID, it is identified 
whether the device (entity) is an entity located in which position (a leaf or node) of 
tree composition. 

[0150]Thus, distribution of contents will be freely performed by dissociating and 
distributing a license required to use contents with contents. The contents which 
came to hand in arbitrary methods or a course can be dealt with unitary. 
[0151]By what a file format is constituted for as shown in drawing 25 . When 
distributing the contents of the format via the Internet, when it provides for SDMI 
(Secure Digital Music Initiative) apparatus, of course, it becomes possible to manage 
the copyright of contents. 

[0152]As shown in drawing 27 for example, even if contents are provided via a 
recording medium, Even if provided via the Internet 2, the same processing enables it 
to check out to predetermined PD (Portable Device) as SDMI (Secure Digital Music 
Initiative) apparatus, etc. 

[0153]Next, with reference to the flow chart of drawing 28 , processing in case the 
client 1 checks out contents to other clients (for example, PD) is explained. 
[0154]First, in Step S191, CPU21 judges whether the digital signature is added to 
contents. When judged with the digital signature being added, it progresses to Step 
S1 92, and CPU21 extracts a certificate and performs processing verified by the public 
key of a certificate authority (license server 4). That is, the client 1 acquires the 
public key corresponding to the secret key of the license server 4 to the license 
server 4, and decodes the digital signature added to the public key certification by the 
public key. As explained with reference to drawing 26 , the digital signature is 
generated based on the secret key of a certificate authority (license server 4), and 
can be decoded using the public key of the license server 4. CPU21 calculates a hash 
value with the application of a hash function to the whole message of a certificate. 
And if CPU21 compares the calculated hash value with the hash value produced by 
decoding a digital signature and both are in agreement, it will judge with a message not 
being what was altered. When both are not in agreement, it will be said that this 
certificate is altered. 

[0155]Then, in Step S193, CPU21 judges whether the certificate is altered or not, and 
when judged with not being altered, it progresses to Step S194 and it performs 
processing which verifies a certificate by EKB. This verification processing is 
performed by investigating whether EKB can be followed or not based on leaf ID 
( drawing 26 ) contained in a certificate. This verification is explained with reference to 



drawing 29 and drawing 30 . 

[0156]Now, as shown in drawing 29 , suppose that it is the device [ RIBOKU / device / 
the device which has the leaf key K1001 ]. At this time, data (cryptographic key) as 
shown in drawing 30 , and EKB which has a tag are distributed to each device (leaf). 
This EKB is EKB which updates the key KR, K1 , K1 0, and K1 00, in order RIBOKU [ the 
device "1001" in drawing 29 ]. 

[0157]AII the leaves other than a RIBOKU device "1001" can acquire updated route 
key K(t) R. That is, since the leaf which stands in a row in the low rank of the node key 
K0 holds in a device the node key K0 which is not updated, it can acquire updating 
route key K(t) R by decoding the cryptographic key Enc (K0, K(t) R) by the key K0. 
[0158]The leaf not more than node key K1 1 can acquire updating node key K(t)1 using 
the node key K1 1 which is not updated by decoding Enc (K1 1, K(t)1) by the node key 
K11. It becomes possible by decoding Enc (K(t) 1 and K (t) R) by node key K(t)1 to 
acquire updating route key K(t) R. Also about the low rank leaf of the node key K101, 
it is possible to acquire updating route key K(t) R similarly. 

[0159]The device "1000" which has the leaf key [ RIBOKU / leaf key ] K1000, Enc 
(K1000, K(t)100) is decoded by the self leaf key K1000, node key K(t)100 can be 
acquired, the node key of a higher rank can be further decoded one by one using this, 
and updating route key K(t) R can be acquired. 

[0160]on the other hand — RIBOKU — having had — a device — "1001" — self — a 
leaf — one — a step — a top — updating — a node key — K — ( — t — ) — 100 — 
EKB — processing — being unacquirable — since — after all — updating — a route 
— a key — K — ( — t — ) — R — being unacquirable . 

[0161]The data shown in drawing 30 and EKB which has a tag are distributed and 
stored in the just device [ RIBOKU / device ] (client 1) from the license server 4. 
[0162]Then, each client can perform EKB tracking processing using the tag. This EKB 
tracking processing is processing which judges whether a key distribution tree can be 
followed from the route key of a higher rank. 

[0163]For example, "1001" which is ID (leaf ID) of the leaf "1001" of drawing 29 is 
grasped as 4 bits of "1", "0", "0", and "1", and it is judged one by one from the most 
significant bit whether a tree can be followed according to a lower bit. In this judgment, 
if a bit is 1, it will go to right-hand side, and if it is 0, processing which goes to 
left-hand side will be performed. 

[0164]Since the most significant bit of ID "1001" is 1, it goes to right-hand side from 
the route key KR of drawing 29 . It is judged with the tag (tag of the number 0) of the 
beginning of EKB being 0: {0, 0}, and being what has data on both branches. In this case, 
since it can go to right-hand side, it can arrive at the node key K1. 
[0165]Next, it progresses to the node of the low rank of the node key K1. Since the 
2nd bit of ID "1001" is 0, it goes to left-hand side. The tag in which the tag of the 
number 1 expresses the existence of the data of the low rank of the left-hand side 



node key KO, and the existence of the data of the low rank of the node key K1 is 
shown is a tag of the number 2. As shown in drawing 30 , this tag shall be 2: {0, 0}, and 
shall have data on both branches. Therefore, it can go to left-hand side and can arrive 
at the node key K10. 

[0166]The 3rd bit of ID "1001" is 0 and goes to left-hand side. At this time, the tag 
(tag of the number 3) in which the existence of the data of the low rank of K10 is 
shown is 3: {0, 0}, and it judges that it has data on both branches. Then, it can go to 
left-hand side and can arrive at the node key K100. 

[0167]The least significant bit of ID "1001" is 1, and goes to right-hand side. The tag 
which the tag of the number 4 corresponds to the node key K1 1, and expresses the 
numerals of the data of the low rank of K1 00 is a tag of the number 5. This tag is 5: {0, 
1}. Therefore, data will not exist in right-hand side, as a result, arrive at a node "1001" 
— it is judged with there being nothing and the device of ID "1001" being the device 
which cannot acquire the updating route key by EKB, i.e., a RIBOKU device. 
[0168]On the other hand, for example, the device ID which has the leaf key K1000 is 
"1000", and like the case where it mentions above, if EKB tracking processing based 
on the tag in EKB is performed, it can arrive at a node "1000." Therefore, it is judged 
with the device of ID "1000" being a just device. 

[0169]Return to drawing 28 and CPU21 based on the verification processing of Step 
S194, When RIBOKU [ ****** / RIBOKU / the certificate / is judged at Step S195 
and / the certificate ], it progresses to Step S196 and processing which verifies a 
digital signature by the public key contained in a certificate is performed. 
[0170]That is, as shown in drawing 26 , the certificate user's (contents creator) public 
key is contained in the certificate, and the signature (Sig (Header)) shown in drawing 
25 is verified using this public key. By namely, the thing for which the data (hash value) 
produced by decoding the digital signature Sig (Header) is compared with the hash 
value calculated with the application of the hash function to Header shown in drawing 
25 using this public key. It can check that Header is not altered, if both are in 
agreement. On the other hand, it will be said that Header is altered if both are not in 
agreement. 

[0171]In Step S197, CPU21 judges whether Header is altered or not, and if not altered, 
it progresses to Step S198 and it verifies a watermark. In Step S199, CPU21 judges 
whether he can check out or not as a result of verification of a watermark. When you 
can check out, it progresses to Step S200 and CPU21 performs check-out. That is, 
contents are made to transmit and copy to the client 1 of a check-out place. 
[0172]In [ when judged with a digital signature not existing in Step S191 ] Step S193, 
In [ when judged with the certificate being altered ] Step S195, When are judged with 
the ability of a certificate to have not been verified by EKB and it is judged with the 
header being altered in Step S197 as a result of verification of a digital signature, Or in 
Step S199, when judged with prohibition of check-out being described by the 



watermark, it progresses to Step S201 and error handling is performed. That is, 
check-out is forbidden in this case. 

[0173]Thus, it becomes possible by distributing a certificate and a secret key to a 
user from the license server 4, and adding a digital signature at the time of contents 
creation to guarantee Shinsei of the maker of contents. Thereby, circulation of 
inaccurate contents can be controlled. 

[0174]A watermark is detected at the time of contents creation, by giving the 
information to a digital signature, the alteration of watermark information can be 
prevented and Shinsei of contents can be guaranteed. 

[0175]As a result, even if the contents created once are distributed with what kind of 
gestalt, it becomes possible to guarantee Shinsei of the original contents. 
[0176]Since contents do not have a service condition but the service condition is 
added to the license, it is changing the service condition within a license, and it 
becomes possible to change the service conditions of the contents related to it all at 
once. 

[01 77]Next, the utilizing method of a mark is explained. In this invention, as mentioned 
above, a service condition is added to the license instead of contents. However, an 
operating condition may change with contents. Then, in this invention, as shown in 
drawing 25 , a mark is added to contents. 

[0178]Since a license and contents have one-pair Oshi's relation, it becomes difficult 
to describe each operating condition of contents only in the service condition of a 
license. Then, though management with a license is carried out by adding an operating 
condition to contents in this way, it becomes possible to manage each contents. 
[0179]As shown in drawing 31 , a user's ID (leaf ID), an ownership flag, 
beginning-of-using time, copy frequency, etc. are described by this mark, for example. 
[0180]The digital signature generated based on messages, such as leaf ID, an 
ownership flag, beginning-of-using time, and copy frequency, is added to a mark. 
[0181]An ownership flag is added when the license for which only a predetermined 
period makes contents usable is bought as it was for example (when duration of 
service is changed eternally). Beginning-of-using time is described when use of 
contents is started within a predetermined period. For example, when the stage to 
download contents is restricted and download is performed within the term, the time 
which downloaded contents actually is described here. Thereby, it is proved that it is 
effective use within a period. 

[0182]The number of times which copied the contents by then is described as a 
history (log) by copy frequency. 

[0183]Next, when a user buys a license with reference to the flow chart of drawing 32 , 
a mark is explained as an example added to contents about the processing which adds 
a mark. 

[0184]First, in Step S221, CPU21 accesses the license server 4 via the Internet 2 



based on instructions of the user from the input part 26. 

[0185]In Step S222, CPU21 incorporates the input through the input part 26 from a 
user, and requires acquisition of a license from the license server 4 corresponding to 
the input. 

[0186]Corresponding to this demand, the license server 4 presents a remuneration 
required in order to buy a license so that it may mention later with reference to the 
flow chart of drawing 33 (Step S242 of drawing 33 ). Then, in Step S223, this will be 
outputted to the outputting part 27 and CPU21 of the client 1 will display it, if 
presentation of the remuneration from the license server 4 is received. 
[0187]A user judges whether based on this display, it consents to the shown 
remuneration, and inputs that decision result from the input part 26 based on that 
decision result. 

[0188]When it judges with CPU21 having judged whether it consented to the 
remuneration shown the user in Step S224 based on the input from the input part 26, 
and having consented, it progresses to Step S225 and processing which notifies 
consent to the license server 4 is performed. 

[01 89]If this notice of consent is received, the license server 4 will transmit the 
information showing acquisition of a remuneration, i.e., the mark which described the 
ownership flag, (Step S244 of drawing 33 ). Then, in Step S226, CPU21 of the client 1 
will perform processing which embeds the received mark to contents in Step S227, if 
the mark from the license server 4 is received. That is, the mark the ownership flag as 
shown in drawing 31 was described to be as a mark of the contents corresponding to 
the bought license by this will be recorded corresponding to contents. Since it means 
that the message was updated at this time, CPU21 also updates a digital signature 
( drawing 25 ) and is recorded on a recording medium. 

[0190]In Step S224, when judged with not consenting to the remuneration shown from 
the license server 4, it progresses to Step S228 and CPU21 notifies the license server 
4 that it does not consent to the shown remuneration. 

[0191]Corresponding to processing of such a client 1, the license server 4 performs 
processing shown in the flow chart of drawing 33 . 

[0192]Namely, in Step S241, first CPU21 of the license server 4, If the demand of 
license acquisition is transmitted from the client 1 (Step S222 of drawing 32 ), this will 
be received, a remuneration required for the acquisition by the target license will be 
read from the storage parts store 28 in Step S242, and this will be transmitted to the 
client 1. 

[0193]As mentioned above, the notice of whether to consent to the remuneration 
shown from the client 1 to the remuneration shown by doing in this way is transmitted. 
[0194]Then, in Step S243 CPU21 of the license server 4, When it judges whether the 
notice of consent was received from the client 1 and judges with having received the 
notice of consent, progress to Step S244, generate the mark containing the message 



showing the acquisition by the target license, and with its own secret key. A digital 
signature is added and it transmits to the client 1. Thus, the transmitted mark is 
recorded on corresponding contents in the storage parts store 28 of the client 1, as 
mentioned above (Step S227 of drawing 32 ). 

[0195]In Step S243, when judged with the notice of consent not being received from 
the client 1, processing of Step S244 is skipped. That is, in this case, since it means 
that acquisition processing of the license was not performed eventually, a mark is not 
transmitted. 

[0196] Drawing 34 expresses the example of composition of the mark transmitted from 
the license server 4 to the client 1 in Step S244. The mark is constituted in this 
example by digital signature Sig s (LeafID, Own) generated based on the secret key S 
of the license server 4 in leaf ID, the ownership flag (Own), and that user's leaf ID and 
ownership flag. 

[0197]Since this mark is effective only to a specific users specific contents, when 
copied in the target contents, the mark which accompanies those copied contents is 
repealed. 

[0198]Thus, contents and a license are separated and it becomes possible to realize 
service according to the operating condition of each contents also in the case where 
a service condition is made equivalent to a license. 

[0199]Next, a grouping is explained. It is called a grouping to collect two or more 
apparatus and media suitably, and to enable it to deliver and receive contents freely in 
the one set. Usually, this grouping is performed in apparatus and the media which an 
individual owns. Although this grouping set up the group key for every group and was 
performed conventionally, it becomes possible to carry out a grouping easily by 
matching the same license with two or more apparatus and media which carry out 
grouping. 

[0200]It is also possible to carry out the grouping of each apparatus by registering 
beforehand. The grouping in this case is explained below. 

[0201 ]In this case, the user needs to register into a server beforehand the certificate 
of the apparatus made into a grouping object. The registration processing of this 
certificate is explained with reference to the flow chart of drawing 35 and drawing 36 . 
[0202]First, with reference to the flow chart of drawing 35 , the registration processing 
of the certificate of a client (apparatus used as a grouping object) is explained. In Step 
S261 , CPU21 of the client 1 draws up its own [ as apparatus made into the object of a 
grouping ] certificate. Its own public key is contained in this certificate. 
[0203]Next, it progresses to Step S262, and based on the input from a user's input 
part 26, CPU21 accesses the contents server 3 and performs processing which 
transmits the certificate drawn up by processing of Step S261 to the contents server 
3 in Step S263. 

[0204]As a certificate, what received from the license server 4 can also be used as it 



is. 

[0205]AII the apparatus made into a grouping object performs the above processing. 
[0206]Next, with reference to the flow chart of drawing 36 , the registration processing 
of the certificate of the contents server 3 performed corresponding to the registration 
processing of the certificate of the client 1 of drawing 35 is explained. 
[0207]First, in Step S271, in Step S272, CPU21 of the contents server 3 will register 
the certificate into the storage parts store 28, if the certificate transmitted from the 
client 1 is received. 

[0208]The above processing is performed for every apparatus made into a group 
object. As a result, as shown in drawing 37 , the certificate of the device which 
constitutes the group is registered into the storage parts store 28 of the contents 
server 3 for every group, for example. 

[0209]In the example shown in drawing 37 , the certificates C11 thru/or C14 are 
registered as the group's 1 certificate. Corresponding public key K P11 thru/or K P14 is 
contained in these certificates C1 1 thru/or C14. 

[0210]Similarly, as the group's 2 certificate, the certificates C21 thru/or C23 are 
registered, and public key K p21 thru/or K P23 to which these correspond is contained. 
[021 1]If offer of contents is required of the apparatus which belongs to the group from 
a user in the state which constitutes the above groups where the certificate was 
registered for every apparatus, the contents server 3 will perform processing shown in 
the flow chart of drawing 38 . 

[021 2] First, in Step S281, CPU21 of the contents server 3 performs processing which 
verifies the certificate which belongs to the group among the certificates memorized 
by the storage parts store 28. 

[0213]This verification processing is performed by following EKB using a tag based on 
leaf ID contained in the certificate of each apparatus, as explained with reference to 
drawing 29 and drawing 30 . EKB is distributed also to the contents server 3 from the 
license server 4. The certificate [ RIBOKU / certificate / this verification processing] 
is excepted. 

[0214]In Step S282, CPU21 of the contents server 3 chooses the validated certificate 
as a result of the verification processing of Step S281. And in Step S283, CPU21 
enciphers a contents key by each public key of the certificate of each apparatus 
selected by processing of Step S282. In Step S284, CPU21 transmits with contents 
the contents key enciphered by processing of Step S283 to each apparatus of the 
target group. 

[0215]Supposing RIBOKU [ the certificate C14 ] among the groups 1 by whom it is 
shown to drawing 37 , it will be processing of Step S283 and encryption data as shown 
in drawing 39 will be generated, for example. 

[0216]That is, the contents key Kc is enciphered by public key K p11 of the certificate 
C11, public key K P12 of the certificate C12, or public key K P13 of the certificate C13 in 



the example of drawing 39 . 

[021 7]Corresponding to processing as shown in drawing 38 of the contents server 3, 
the apparatus (client) of each group who receives offer of contents performs 
processing shown in the flow chart of drawing 40 . 

[0218]First, in Step S291, CPU21 of the client 1 receives the contents which the 
contents server 3 has transmitted by processing of Step S284 of drawing 38 with a 
contents key. Contents are enciphered by the contents key Kc, and the contents key 
is enciphered by the public key which each apparatus holds as mentioned above 
( drawing 39 ). 

[0219]Then, in Step S292, CPU21 decodes and acquires the contents key addressed 
to it with its own secret key. [ who received by processing of Step S291 ] And 
decoding processing of contents is performed using the acquired contents key. 
[0220]For example, using its own [ corresponding to public key K P11 ] secret key, the 
apparatus corresponding to the certificate C1 1 shown in the example of drawing 39 
decodes the code of the contents key Kc, and acquires the contents key Kc. And 
contents are further decoded using the contents key Kc. 

[0221]Same processing is performed also in the certificate C12 and the apparatus 
corresponding to C13. Since the contents key Kc enciphered using its own public key 
is not sent along with contents, the apparatus of the certificate [ RIBOKU / 
certificate ] C14 cannot decode the contents key Kc, therefore cannot decode 
contents using the contents key Kc. 

[0222]Although it was made to perform a grouping above to the contents key (namely, 
contents), it is also possible to perform a grouping to a license key (license). 
[0223]Grouping becomes possible, without using a special group key and ICV (Integrity 
CheckValue) mentioned later as mentioned above. This grouping is fit for applying to a 
small-scale group. 

[0224]In this invention, a license is also made possible [ checking out, checking in 
carrying out a move, or copying ]. However, these processings are performed based on 
the rule defined by SDMI. 

[0225]Next, with reference to the flow chart of drawing 41 and drawing 42 , check-out 
processing of the license by such a client is explained. 

[0226]First, processing of the client which checks out a license to other clients with 
reference to the flow chart of drawing 41 is explained. First, in Step S301, CPU21 of 
the client 1 reads the number of times N1 of check-out of the license for check-out. 
Since this number of times of check-out is written in the service condition shown in 
drawing 8 , it is read in this service condition. 

[0227]Next, in Step S302, CPU21 reads too the number of times N2 of the maximum 
check-out of the license for check-out in the service condition of a license. 
[0228] And in Step S303 CPU21, The number of times N1 of check-out read by 
processing of Step S301 is compared with the number of times N2 of the maximum 



check-out read by processing of Step S302, and it is judged whether the number of 
times N1 of check-out is larger than the number of times N2 of the maximum 
check-out. 

[0229]When it judges that the number of times N1 of check-out is smaller than the 
number of times N2 of the maximum check-out, progress to Step S304 and CPU21, 
The leaf key of the device (client of a check-out place) of the other party is acquired 
from the device of partner each, and the leaf key is stored in the check-out list of 
storage parts stores 28 corresponding to license ID made applicable to check-out 
now. 

[0230]Next, in Step S305, only 1 **************s the value of the number of times 
N1 of check-out of the license in which CPU21 was read by processing of Step S301. 
In Step S306, CPU21 calculates ICV based on the message of a license. This ICV is 
later mentioned with reference to drawing 46 thru/or drawing 50 . It becomes possible 
to prevent the alteration of a license using ICV. 

[0231]Next, CPU21 enciphers using its own public key, and makes ICV calculated by 
the license for check-out, and processing of Step S306 output and copy to the device 
of the other party with EKB and a certificate in Step S307. CPU21 makes ICV 
calculated by processing of Step S306 remember it to be a leaf key of an opposite 
party device in the check list of the storage parts store 28 in Step S308 
corresponding to license ID. 

[0232]In Step S303, when judged with the number of times N1 of check-out not being 
smaller than the number of times N2 of the maximum check-out (for example, equal), 
since check-out is performed, only the number of times already permitted cannot 
check out any more. Then, it progresses to Step S309 and CPU21 performs error 
handling. That is, check-out processing will be performed in this case. 
[0233]Next, with reference to the flow chart of drawing 42 , check-out processing of 
drawing 41 explains processing of the client which receives check-out of a license. 
[0234]First, in Step S321, its own leaf key is transmitted to an opposite party device 
(client 1 which checks out a license). This leaf key is memorized by the client of the 
other party in Step S304 corresponding to license ID. 

[0235]Next, in Step S322, CPU21 receives this, when the license and ICV which were 

enciphered from the client 1 of the other party have been transmitted with EKB and a 

certificate. That is, this license, ICV, EKB, and a certificate are transmitted from the 

device of the other party by processing of Step S307 of drawing 41 . 

[0236]CPU21 makes the storage parts store 28 memorize the license received by 

processing of Step S322, ICV, EKB, and a certificate in Step S323. 

[0237]The client 1 which received check-out of the license as mentioned above 

performs processing shown in the flow chart of drawing 43 , when using the license 

which received check-out and reproducing predetermined contents. 

[0238]That is, in Step S341, CPU21 of the client 1 calculates first ICV of the contents 



as which reproduction was specified by the user via the input part 26. And CPU21 
makes ICV which is memorized by the storage parts store 28 and which is enciphered 
decode in Step S342 based on the public key contained in the certificate. 
[0239]Next, in Step S343, it is judged whether ICV calculated now by processing of 
Step S341 and ICV of CPU21 which was read by processing of Step S342 and 
decoded correspond. The license will be altered when both are in agreement. Then, it 
progresses to Step S344 and CPU21 performs processing which reproduces 
corresponding contents. 

[0240]On the other hand, in Step S343, when judged with two ICV(s) not being in 
agreement, a license has a possibility that it may be altered. For this reason, it 
progresses to Step S345 and CPU21 performs error handling. That is, at this time, 
contents can be reproduced using that license. 

[0241]Next, processing of the client which receives check-in of the license once 
checked out to other clients as mentioned above is explained with reference to the 
flow chart of drawing 44 . 

[0242]First, in Step S361, CPU21 acquires the leaf key of the device (client 1 which 
returns a license (check-in)) of the other party, and ID of the license for check-in. 
Next, in Step S362, CPU21 judges whether the license for [ which was acquired at 
Step S361 ] check-in is a license which he checked out to the opposite party device. 
This judgment is performed based on ICV memorized by processing of Step S308 of 
drawing 41 , a leaf key, and license ID. That is, when it is judged and memorized 
whether the leaf key acquired at Step S361 and the licenses ID and ICV are 
memorized during the check-out list, it is judged with it being the license which he 
checked out. 

[0243]In Step S363, a license requires deletion of the license of the device of the 
other party, EKB, and a certificate CPU21 , when he checks out. Based on this demand, 
the device of the other party performs deletion of a license, EKB, and a certificate so 
that it may mention later (Step S383 of drawing 45 ). 

[0244]In Step S364, since the once checked-out license has checked in at CPU21 
again, only 1 carries out the decrement of the number of times N1 of check-out of the 
license. 

[0245]In Step S365, it is judged whether CPU21 has checked out other licenses to the 
device of the other party, When other licenses which he has still checked out do not 
exist, it progresses to Step S366 and CPU21 deletes the memory in the check-out list 
as check-in subject equipment of the device of the other party. On the other hand, in 
Step S365, since check-in of other licenses may be received when judged with other 
licenses which he has checked out to the device of the other party existing, 
processing of Step S366 is skipped. 

[0246]In Step S362, when it judges that the license made applicable to check-in is not 
a license which he checked out to the opposite party device, it progresses to Step 



S367 and CPU21 performs error handling. That is, in this case, since it will not be the 
license which he has jurisdiction over, check-in processing is not performed. 
[0247]when a user copies a license unjustly, the value of ICV memorized differs from 
the value of ICV calculated based on the license acquired by processing of Step S361 
— he can come out and check in. 

[0248] Drawing 45 expresses processing of the client made to check in at the license 
which he has to the client which performs check-in processing of the license shown in 
the flow chart of drawing 44 . 

[0249]In Step S381, CPU21 of the client 1 transmits ID of the license a leaf key and 
for check-in to the device (client 1 which performs processing shown in the flow chart 
of drawing 44 ) of the other party. As mentioned above, in Step S361, the device of the 
other party acquires this leaf key and license ID, and performs authenticating 
processing of the license for check-in in Step S362 based on it. 

[0250]In Step S382, CPU21 of the client 1 judges whether deletion of the license was 
required from the device of the other party. Namely, when a license is a license for 
[just ] check-in, as mentioned above, as for the device of the other party, deletion of 
a license, EKB, and a certificate is required by processing of Step S363. Then, when 
this demand is received, it progresses to Step S383 and CPU21 deletes a license, EKB, 
and a certificate. That is, since this client 1 will be in the state where that license 
cannot be used henceforth and DEKURI mend of the number of times N1 of check-out 
is carried out only for 1 by processing of Step S364 of drawing 44 , it means that 
check-in was completed by this. 

[0251]In Step S382, when judged with deletion of a license not being demanded from 
the device of the other party, it progresses to Step S384 and error handling is 
performed. That is, check-in will not be possible for the reasons of the values of ICV 
differing in this case. 

[0252]Although check-in and check-out were explained above, it is possible similarly 
in a license a copy or for it to be made to carry out a move. 

[0253]Next, in order to prevent the alteration of a license (contents are also the 
same), the integrity check value (ICV) of a license is generated, and it matches with a 
license, and calculation of ICV explains the processing constitution which judges the 
existence of a license alteration. 

[0254]The integrity check value (ICV) of a license is calculated, for example using the 
hash function to a license, and is calculated by ICV=hash (Kiev, L1, L2, ...). Kiev is an 
ICV generation key. L1 and L2 are the information on a license, and the message 
authenticator (MACiMessage authentication Code) of the critical information of a 
license is used. 

[0255]The example of MAC value generation using DES cipher-processing 
composition is shown in drawing 46 . (dividing the target message per 8 bytes, as 
shown in the composition of drawing 46 — the divided message is hereafter set to) M1, 



M2 MN — exclusive OR of initial value (IV) and M1 is first carried out by operation 

part 24-1 A (the result is set to 11). Next, 11 is put into DES encryption section 24-1 B, 
and it enciphers using a key (hereafter referred to as K1) (an output is set to E1). 
Continuously, exclusive OR of E1 and M2 is carried out by operation part 24-2A, the 
output 12 is put in to DES encryption section 24-2B, and it enciphers using the key K1 
(output E2). Hereafter, this is repeated and encryption processing is performed to all 
the messages. EN which came out at the last serves as a message authenticator 
(MAC (Message Authentication Code)) from DES encryption section 24-NB. 
[0256]The integrity check value (ICV) of a license is generated by the MAC value and 
ICV generation key of such a license with the application of a hash function. For 
example, if it will be guaranteed that there is no alteration in a license if ICV generated 
to the license generate time is compared with ICV newly generated based on the 
license and the same ICV is obtained, and ICV(s) differ, it will be judged with there 
having been an alteration. 

[0257]Next, the composition which sends Kiev which is an integrity check value (ICV) 
generation key of a license by above-mentioned validation key blocks is explained. 
That is, it is the example used as the integrity check value (ICV) generation key of a 
license of the encryption message data based on EKB. 

[0258]When a license common to two or more devices is sent to drawing 47 and 
drawing 48 , the example of composition which distributes the integrity check value 
generation key Kiev for verifying the existence of an alteration of those licenses by 
validation key blocks (EKB) is shown. Drawing 47 shows the example which distributes 
the check value generation key Kiev which can be decoded to the devices 0, 1,2, and 
3, and drawing 48 shows the example which carries out RIBOKU (exclusion) of the 
devices 0, 1, and 2 and the device 3 in three, and distributes the check value 
generation key Kiev which can be decoded only to the devices 0, 1, and 2. 
[0259]In the example of drawing 47 , by updating node key K(t)00 with the data Enc (K 
(t) 00, Kiev) which enciphered the check value generation key Kiev, a device — zero 

— one — two — three — setting — each — having — a node key — a leaf key — 
using — updating — having had — a node key — K — ( — t — ) — 00 — decoding — 
being possible — validation — key blocks (EKB) — generating — distributing . As 
shown in the right-hand side of drawing 47 , first each device by processing EKB 
(decoding), updating — having had — a node key — K — ( — t — ) — 00 — acquiring 

— next — having acquired — a node key — K — ( — t — ) — 00 — using — 
enciphering — having had — a check — a value — generation — a key — Enc (K (t) 
00, Kiev) — decoding — a check — a value — generation — a key — Kiev — 
obtaining — things — being possible — becoming . 

[0260]the other devices 4, 5, 6, and 7 ... by the node key and leaf key which self holds 
even if it receives the same validation key blocks (EKB). Since node key K(t)00 which 
processed EKB and were updated are unacquirable, a check value generation key can 



be safely sent only to a just device. 

[0261]On the other hand, the example of drawing 48 noting that RIBOKU (exclusion) 
of the device 3 is carried out by disclosure of the key in the group enclosed with the 
dotted-line frame of drawing 12 , for example, It is other groups' Memba, i.e., the 
example which only received without the devices 0, 1, and 2, and generated and 
distributed the validation key blocks (EKB) which can be decoded. The data Enc (K (t) 
00, Kiev) which enciphered the check value generation key (Kiev) as the validation key 
blocks (EKB) shown in drawing 48 by the node key (K (t) 00) is distributed. 
[0262]The decoding procedure is shown in the right-hand side of drawing 48 . The 
devices 0, 1 , and 2 acquire an updating node key (K (t) 00) from the received validation 
key blocks first by the decoding processing using the leaf key or node key which self 
holds. Next, the check value generation key Kiev is acquired by decoding by K(t)00. 
[0263]the devices 4, 5, and 6 of other groups who show drawing 12 — even if ... 
receives this same data (EKB), it cannot acquire an updating node key (K (t) 00) using 
the leaf key and node key which self holds. Also in the device [ RIBOKU / device / 
similarly ] 3, by the leaf key and node key which self holds, an updating node key (K (t) 
00) cannot be acquired, but only the device which has a just right becomes possible 
[ decoding and using a check value generation key ]. 

[0264]Thus, if delivery of the check value generation key using EKB is used, data 
volume will be lessened and only a just right holder will become possible [ distributing 
the check value generation key whose decoding was enabled ] safely. 
[0265]The illegal copy of EKB and an encryption license can be eliminated by using 
the integrity check value (ICV) of such a license. For example, as shown in drawing 49 
A, there are the media 1 which stored the license L1 and the license L2 with the 
validation key blocks (EKB) which can acquire each license key, and the case where 
this is copied to the media 2 as it was is assumed. The copy of EKB and an encryption 
license will be possible and this can be used with the device which can decode EKB. 
[0266]In the example shown in drawing 49 B, it has composition which matches with 
the license justly stored in each media, and stores an integrity check value (ICV (L1, 
L2)). (ICV (L1, L2)) shows ICV=hash (Kiev, L1, L2) which is an integrity check value of 
the license calculated by using a hash function for the license L1 and the license L2. 
In the composition of drawing 49 B, the license 1 and the license 2 are justly stored in 
the media 1, and the integrity check value (ICV (L1, L2)) generated based on the 
license L1 and the license L2 is stored in them. The license 1 is justly stored in the 
media 2, and the integrity check value (ICV (L1)) generated based on the license L1 is 
stored in them. 

[0267]Supposing it copies {EKB and the license 2} which were stored in the media 1 to 
the media 2 in this composition, by the media 2. If a license check value is newly 
generated, ICV (L1, L2) will be generated and, unlike Kiev (L1) stored in the media 2, it 
will become clear that storing of the new license by an alteration or the unjust copy of 



a license was performed. In the device which reproduces media, an ICV check is 
performed to the front step of regeneration steps, and coincidence of the generation 
ICV and the storing ICV is distinguished, and when not in agreement, it becomes 
possible to prevent reproduction of a license of an illegal copy by having composition 
which does not perform reproduction. 

[0268]In order to improve safety, it is good also as composition generated based on 
the data which rewrote the integrity check value (ICV) of the license and includes a 
counter. That is, it has composition calculated by ICV=hash (Kiev, counter+1, L1, 
L2, ...). Here, one counter (counter+1) per rewriting of ICV is set up as a value to 
************** A counter value needs to have composition stored in a secure 
memory. 

[0269]In the composition which cannot store the integrity check value (ICV) of a 
license in the same media as a license, it is good also as composition which stores the 
integrity check value (ICV) of a license on media with an another license. 
[0270]For example, when a license is stored in the media by which anti-copying 
policies, such as the ReadOnly media and the usual MO, are not taken, If an integrity 
check value (ICV) is stored in the same media, rewriting of ICV may be made by the 
inaccurate user, and there is a possibility that the safety of ICV cannot be maintained. 
In such a case, by storing ICV in the safe media on a host machine, and having 
composition which uses ICV for copy control (for example, check-in/check-out, 
move) of a license, Safe management of ICV and the alteration check of a license are 
attained. 

[0271]This example of composition is shown in drawing 50 . The license 1 thru/or the 
license 3 are stored in the media 2201 from which anti-copying policies, such as the 
ReadOnly media and the usual MO, are not taken in drawing 50 , It is the example which 
stored the integrity check value (ICV) about these licenses in the safe media 2202 on 
the host machine with which it is not permitted that a user accesses freely, and 
prevented rewriting of the inaccurate integrity check value (ICV) by a user. If the 
device which equipped with the media 2201, for example has PC which is a host 
machine, and composition which performs the check of ICV in a server and judges 
reproductive propriety as such composition when it performs reproduction of the 
media 2201, Reproduction of an unjust copy license or an alteration license can be 
prevented. 

[0272]The client to which this invention is applied can be used as PDA (Personal 
Digital Assistants), a portable telephone, a game terminal machine, etc. in addition to 
what is called a personal computer. 

[0273]The computer by which the program which constitutes the software is included 
in hardware for exclusive use when performing a series of processings by software, Or 
it is installed in the personal computer etc. which can perform various kinds of 
functions, for example, are general-purpose, etc. from a network or a recording 



medium by installing various kinds of programs. 

[0274]. As shown in drawing 2 , this recording medium is distributed apart from a 
device main frame in order to provide a user with a program. The magnetic disk 41 (a 
floppy disk is included) with which the program is recorded, the optical disc 42 
(CD-ROM (Compact Disk - ReadOnly Memory).) . DVD (Digital Versatile Disk) is 
included. It is not only constituted by the package media which consist of the 
magneto-optical disc 43 (MD (Mini-Disk) is included) or the semiconductor memory 
44, but, It comprises ROM22 with which a user is provided in the state where it was 
beforehand included in the device main frame and on which the program is recorded, a 
hard disk contained in the storage parts store 28, etc. 

[0275]In this specification, even if the processing serially performed in accordance 
with an order that the step which describes the program recorded on a recording 
medium was indicated is not of course necessarily processed serially, it also includes 
a parallel target or the processing performed individually. 

[0276]In order for the program which performs processing relevant to security to 
prevent analyzing the processing, it is desirable to encipher the program itself. For 
example, the processing which performs cipher processing etc. can constitute the 
program as a tamper resistant module. 

[0277]Since the license which carries out the utilization permission of the contents is 
specified, the information indicated to the header of contents may not be license ID 
which identifies a license uniquely. It is the information as which license ID specifies a 
license required for use of contents in the above-mentioned example, a certain 
license is the information which specifies the contents which permit use, and it is the 
information which discriminates the license demanded by a license request from the 
client 1. The list of the various attribution information about the contents of contents 
is indicated to contents, and it may be made to indicate the conditional expression of 
the contents a utilization permission is carried out to a license by the license of. In 
this case, the attribution information included in contents is information which 
specifies the license to which use of those contents is permitted, The license is the 
information which specifies the contents which permit use, and the conditional 
expression contained in a license serves as information from which license ID 
discriminates a license uniquely. When it does in this way, it becomes possible to 
match two or more licenses with one contents, and a license can be published flexibly. 
[0278]In this specification, a system expresses the whole device constituted by two 
or more devices. 
[0279] 

[Effect of the Invention]According to the information processor of this invention and a 
method, a license server, and the program, like the above. It enables it to distribute 
the enciphered data freely, and by having enabled it to use contents by acquiring a 
license separately, without barring circulation of contents, copyright can be protected 



and a suitable usage fee can be collected. 



DESCRIPTION OF DRAWINGS 



[Brief Description of the Drawings] 

[Drawing 1] It is a block diagram showing the composition of the contents providing 
system which applied this invention. 

[Drawing 2] It is a block diagram showing the composition of the client of drawing 1 . 
[Drawing 3] It is a flow chart explaining the download processing of the contents of the 
client of drawing 1 . 

[Drawing 4] It is a flow chart explaining contents offer processing of the contents 
server of drawing 1 . 

[Drawing 5] It is a figure showing the example of the format in Step S26 of drawing 4 . 
[Drawing 6] It is a flow chart explaining contents playback processing of the client of 
drawing 1 . 

[Drawing 7] It is a flow chart explaining the details of the license acquisition processing 
of Step S43 of drawing 6 . 

[Drawing 8] It is a figure showing the composition of a license. 

[Drawing 9] It is a flow chart explaining processing of license offer of the license server 
of drawing 1 . 

[Drawing 10] It is a flow chart explaining the details of the license update process in 
Step S45 of drawing 6 . 

[Drawing 1 1] It is a flow chart explaining the license update process of the license 
server of drawing 1 . 

[Drawing 1 2] It is a figure explaining the composition of a key. 
[Drawing 13] It is a figure explaining a category node. 

[Drawing 14] It is a figure showing the example of correspondence of a node and a 
device. 

[Drawing 15] It is a figure explaining the composition of validation key blocks. 

[Drawing 16] It is a figure explaining use of validation key blocks. 

[Drawing 17] It is a figure showing the example of a format of validation key blocks. 

[Drawing 18] It is a figure explaining the composition of the tag of validation key blocks. 

[Drawing 19] It is a figure explaining the decoding processing of the contents using 

DNK. 

[Drawing 20] It is a figure showing the example of validation key blocks. 

[Drawing 21] It is a figure explaining the assignment to one device of two or more 

contents. 

[Drawing 22] It is a figure explaining the category of a license. 



[Drawing 23] lt is a flow chart explaining ripping processing of a client. 
[Drawing 24] It is a figure explaining the composition of a watermark. 
[Drawing 25] It is a figure showing the example of a format of contents. 
[Drawing 26] It is a figure showing the example of a public key certification. 
[Drawing 27] It is a figure explaining distribution of contents. 

[Drawing 28] It is a flow chart explaining check-out processing of the contents of a 
client. 

[Drawing 29] It is a figure explaining the example which follows the validation key 
blocks by a tag. 

[Drawing 30] It is a figure showing the example of composition of validation key blocks. 

[Drawing 31] It is a figure explaining the composition of a mark. 

[Drawing 32] It is a flow chart explaining license acquisition processing of a client. 

[Drawing 33] It is a flow chart explaining license acquisition processing of a license 

server. 

[Drawing 34] It is a figure showing the example of composition of a mark. 

[Drawing 35] It is a flow chart explaining the registration processing of the certificate 

of a client. 

[Drawing 36] It is a flow chart explaining the certificate registration processing of a 
contents server. 

[Drawing 37] lt is a figure showing the example of a group's certificate. 

[Drawing 38] It is a flow chart explaining processing of a contents server in case the 

grouping is performed. 

[Drawing 39] It is a figure showing the example of encryption of a contents key. 
[Drawing 40] It is a flow chart explaining processing of the client belonging to a group. 
[Drawing 41] It is a flow chart which explains to other clients processing of the client 
which checks out a license. 

[Drawing 42] It is a flow chart explaining processing of the client which receives 
check-out of a license from other clients. 

[Drawing 43] It is a flow chart explaining regeneration of the client which received 
check-out of the license. 

[Drawing 44] It is a flow chart explaining processing of the client which receives 
check-in of a license from other clients. 

[Drawing 45] It is a flow chart which explains to other clients processing of the client 
which checks in at a license. 

[Drawing 46] It is a figure explaining generation of MAC. 

[Drawing 47] It is a flow chart explaining the decoding processing of an ICV generation 
key. 

[Drawing 48] It is a figure explaining other decoding processings of an ICV generation 
key. 

[Drawing 49] It is a figure explaining management of the copy of the license by ICV. 



[Drawing 50] It is a figure explaining management of a license. 
[Description of Notations] 

1-1,1-2 [A timer, 21 CPU, and 24 / An encryption decoding part, 25 codec parts, and 
26 / An input part, 27 outputting parts, and 28 / A storage parts store and 29 / 
Communications department ] A client, the 2 Internet, and 3 A contents server and 4 
A license server, 5 fee-collection server, and 20 
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miE3«¥® £ <fe 5 Sf3 S tifc ftu E^ -f -tr > x tt S £ , 
WE4»**BiJiSf«*d*, 

HuEW^^Sii , kuHB v -f -fe vxtc & * tiS HuEffl^M 
BiJflWH ^ ME«*»giJW«E«-¥®tcE1tt* tiTi. > ^> flu 
E«**g'J«*i:*tt«L, W^-aLTt^if^tc 
20 IStK ^.i^^^^^X^iiujBriyf-y'y^^iiilJ^.^^T 
*S^>r-tr>XT'feSi: WaL'*T ^> c t&Vi : fflLt~$'Z> ,1,1* 

JH2E««tt*«iaiisiBo 

[SMc JH 9 ] ^-r-fevx^S^LTi/^iifc^f+i: 

x d:i 3 > r- > V * mm ffrvi-t z> mn 7^-byx^t 

5fci6^7^-l!yx^tl«i:, 0B^ft*nfe3>-r> 
7f-^t 3 y -r > ^ -r — * ' J*T S 46 ^'& { * 
SflVi « i: , * tr 3 > -f > ^y * jBDS^r § X r- y° t . 
30 S K ^ -fe > X ic J; o T ?U ffl HP "I ?ti5 ml £3>f>7 
^£ir 3 /c ^ 3 > ^ > ^y ^ 

f»E 3 y f > ^ €: f iJ ffl HF "I "T 5 C i: ^ ^ S v -f -tr > X 
A< hu E ^ ^ -fe > X Elfl-f-S ^ E* s n T i/ ^ ^ s*^ * -t-y 

40 immn o] ^>rHr>x*«fSLri/^*ch**tt- 

^K3y^y*y*ftffli*^SfiflE^^-b>X«:W3!-r 

g|t,'i : j^S , « rv tr 3 > f - > ^y * , e ta *r § X r- >y 7° t s 
Si7^-byxia^T|ijffllW?n^Hii£3yfy7 
tWS^afcfeto^^f-^^W^IBS^ty^^-bvx 
^EH-r^X-r-v^fc, 
50 B&E^y-ry^^rfiJffll^pI-rsc fc*<T*#Sv^-byx 
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*< mm v -f -tr y x K!«#a ic ibis s n r i ^ ^ « w 
mzn-fc^mck o ^^^yxmm^nx^ztpm 

^^^^^VXlC^oT^iJJIJ.I^^tl^iiu.iari^^V^ 
«rWAi£-T S /c 46 con > -r > ^J/iTti'f « £ , tffffljfflf'HftiH 

*a«H"i-r « «Bik3«B>j«f *«: ^trMaa^ -r -tr ^ *aa«-r 
3 ^ > xtait^a i: w««asn^ 6 mm a , 
v -tr v x*afc5wr s ^ -tr > xa»giii?n«*^cr^ -tr 

fttj K ^ -tr y X ^ tc 15 S ft § ml rfE ^ -f -tr > X IKS'J'Wffi 

iju.iMja^a^ ct o am a n/ciiij.id^ y -tr >xtc fi^as 
v -r -tr > x**--/ ^a«fi«*fflv^T, /!fj,wfflia-T-®ic j: 
/ju^aw^-a^ 

f-atc ± D »* * ft fc 9 -fe > X£r flfj E v -tr 
X % Jgff a ti'I BHBfl WiS T 35 o T , 

ts ffliafiKia^ e^^aan/c, ^ -tr > x mm\ t§7 

mj.E^ Y-tr VX^^c^ ft3 iV/.iB^ -f -tr >X«B"Jtf/ffl 

ic *«s-r * ffitz ^ >r -t > x * sfjia ^ -tr > x Eta^-a^ 

bMit^xf7y^, 

S93ii«mi#atc ck o ttm $ ft/cMia-? -tr > x huEM 

=y 4 -tr >x*- / W«ffi«*fflt , 9MB«iai#afc £ 

o ^Mtmmm^m an^^-tr^xic 

ftll^SX-r^ 

fVi l ^ ^ J; 0 ^ ^ n /c ^ -fe ^ X ^: f i.7 ,s ^ -tr 
> X &i**5Mf, 1 L fct.'f *B«lf l !!«ii v «c3^f 1 if 5 Xf7^ 
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SK^><HrVXtcJ;oT*iJffl^Sn*Ba3G=i>-ry^ 

Jfe.MB'l-r S ffl^ilKM'Jti'i nr/.S v ^ -tr y x £r,;ats*r 

^Xf77i:, 

««*a*i»H*p s ?n/c, v -tr y x ^auB'j-r a ^ 

>ft>XltSUt)l«*&€?^^-te>X«*«:a<i'r5X-f 

H5ie ^ > xs*tc ^ * n s Mia ^ -r -tr > x mmm 

10 \c WiS-T a nu -7 -< -b y X «: ^ -tr > X ISti^a^ 

mhiawitti^atc cfc o am a n/c fir/.re-^ -tr > x ic riu,E«i 

ffls^in-r a x r y ^ t , 
^ -tr > x-9-- / w«H»«*ffl ^ t , fl(fia«aai^ ate j: 
^tt*i«giJW**f*j!inanfc7>riryx»cTtt7* 

so Ea* #atc ct o S4& a n/c ^ -tr > x * mib ^ -y -tr 

>xfi**iM(abfc1««^»«K:aif3'r«X7 L ^yi: 

[0 0 0 1 ] 

tf^ri, ^^-tr>X-^~/v ffitflc^nyvA^UHL. 

^-{tfflca^^^-f-tr^X^S^Ti^^ny^^ 
^^^lEtcntf-^n, fu/tJsns^o*iwii:-r*c k^ 

[0 0 0 2] 

[fie*<Ott«] Witt, Y>^^7b^lt, a— y 

[0 0 0 3] COct^ft^Xf^tt, IHHraWlCti, l 
oa-W, *n*?iJJIJ-r*ci:AMijflEf:&D, 

[0 0 0 4] 

[ooo 5] ^BWHicco^^ft^iaice^Tftsnfc 

[0 0 0 6] 
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M & iii ft »tu « i: £r fTt? =i > -r > *y * JBtS-T S 3 > f- > 

y .eta^a t , fUiUiffni s ns n > f- > ^ £ w^-r 3 

-r -b > x sstt-T-K ^ , ^ > -r > *y * w s c £ # 
t* # £ ^ ^ -tr > x v -r -tr > x ii a it ^ a tc fata ^nt^ 

[0 0 0 7] ti'JftHEf'fiSSIHtiUiii:, 7^iryx+)-/^ 
^ >f -b yx^fflt £ rztb<D? 4 -t > x»giJW«*^tr 

> X f'Pi ic s n 3 cfc -9 f § c h T* # 3 o 

[0 0 0 8] 3>f>7f-^(if^XFf"^ lift 

■f > ^ -r — 2 £ l } f It *r S 1 1> A 4A -f^a* iii tc till a. 3 X o \z ~? 
[0 0 0 9] gttfffllttEKB (Enabling Key Block) 

x/- K^r- 3aia-T-Bitc3affisnri/^5'r^>f xy- f 

*ffll^TEKB (EnablingKey Block) ^IM^Mtf 
[0 0 10] atftflWiiglCEKB (Enabling Key Block) 

fflSntl/^f/WX/- K^F— %/fl^TEKB (Enablin 
g Key Block) *U U9 ^tltol- h 

[ooi i] ^-r-tvx&sgtc, ^co^-fcvxtCcfco 
[0012] ^-r-t>xtiietc> ^-r-fe>x-9---/*cDHs 

[0 0 13] tf/fttMll'BJSlHtt, Ui^t. , j £ «4Q ! «!*6i«*.««iJ 

^^-b^x^Raiiitc «a*,i«m , /«.?Bta¥a*c l i2 

snfc-7>r-bvxttaitc, fla*«gijit?H*^, *u^# 
a«±, 7^ir>xtca*naM*it»Jtff«fc«i*«8'j« 
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[ooi 4] *$B W J of i'l *«lP«*ras . 3>-r>^*?'J 

ffl pj-r « -7 -t > x*^-r s 46o ^ ^ -t > x^/2 

^T^^^^ir^x^^^-t^xjBts^a^.iais^nT 

-tr>x^iaiti^nTi^t^j®f^n/cc it 
n>fy7C03>f>7f-^^l^xf'v7^ 

[0 0 15] *58BnoynyvJUti, 3>-r>^*?iJffl 

vij-r * ^ -t > x*«p^-r ^rzisbcD^^^y xwans 

^^.iBtfi^^X-r^y^, ^iJllLrfnrsnsn^-r^'V* 
1#^4fc*03>^>^a£lS*H*d€r^>r-fe>X* 
IBIfi-TSX-r^'/h, nV-rV^SrSJffl.ffMl-r^C 

T^^vY-trvx^v-r-trvxpfati^atcgat^^nTi/^ 
§ A^jb^waf-r * x r ^ £ , wffi^atc * o ^ >r -tr 
>x^3Bia^ nr t ^ £ <^ wrr $ n/c c t tt&n- tLx^ 
yf>7«3yfy7f-^M^§xf77^3 

[0 0 16] 7ny7A^^lH^^)-^W!tt'yft?tl 
[0 0 17] *SI»]0^-<"bVX-9-— ^nTStl* 

3 > t- > ^ «: w^-r 5r:»o3>fy7 se« « h > ts 

««ffl«H*«i3iJ-r ^> ffll*»KiJtS»*de^ -t > X 
JBIfi-T £ ^ -tr > XE«? a ^ . tSffl«lffli!fi»^ b 3^fi 

snft, ^Y^>x^^ut-^^^^>x3KiJtH^^& 

^RicrV^n^^^-trVX ,HK>jiJ t. 1 / « tc ft JST ^> v -tr > X 

^ ^ -r ^ > x ,iats^ a^ fcttw-rstttb^a*:, « ta # 
ate cfc o «iai ^ n/c ^ >r > x ic «g*aigijfi}*B«rf*<in-r 

fi^-a^ <fc o AS*«iBijfflHB*f*ftu s n/c ^ >r > x tcm 
^s45*WAn-rsa45^ak, »*^a^j:t)»*sn 

^ asm-r * asm =^a t **» ^ s c t t: -r s e 
[ooi8] ^g^j^t'i : ^^'iw^^> fijjii.ftoisn* 

Y^^X^SBgUt-a^Y-fevxMHiJtSfiSr^^^-tv 
50 XSsRSrSM-rsx-ryyfc, 7>f^>Xfi*li:ft$n 



3 "7 4 -tr >XS*B'J1S«fc: ttJ&f ^^vx^-firy 
m S tifc ? <t -tr > X K fflS^«8UtB««r^*n-r S Xf7 7° 

fc, ^^^y^-^<o%mwt\\\^x^ mn-^micx 

0 *Bi4c,»tfJt» , f«*ftJ!iLi S ftfc 9 -f -b >xtcvli^-£,£ft- 
All* SXr-yrt, »« =P © £ t) W« 5 hfc ^ ^ -tr > 
X £ ^ -tr > X E>R*aHI L fcWfflfflHSBfc: mmf £ 

[0019] *awonHB»a««. m 

[0 0 2 0] ^£HJ]o^-Y^>X^-/v MtflctfJSfli 

fiiTj r£ r* ti > vniioyui famm\?iv(Dfri mr^^^y 

[0 0 2 1 ] 

imm^mommi tarn* *5swj*sifflLfc=i>-r 

2tcte, ^7^7>M-1, 1-2 (fcCF* ctib^ 

* ^ -r r y v & m u k bij f ^ # a ^ is 3\ # tc ^ 

* — * -y h 2 IC ti , {H.Wtf«<0 ^7^7> b tfffitti £ 
[0 0 2 2] Sfc, — h 2lCtt, ^7^7> 
3, 3 > f y 7*-^ 3 «t 5 3 >f y t 

^wc^&^-t^x^^r y b i tcWLTM-^- 
-r^-r-tr^x+J-— is&TSZ^'fryb i 
-trvx^S'tn^o/c^tc, -^^^yyb nc j*l 

[0 0 2 3] Cnio^^VfV^^^, 7-ft>X 

-*-y h2tat«?n5o 

[0 0 2 4] K2(^7^7>hl <0«rdc*iSLT^ 

[0 0 2 5] [*]2lc:|o^T, CPU (Central Processing 
Unit) 2 1 ROM (Read Only Memory) 2 2 tc,£tfi£ 
ntl^7°P^7A, Sfctt,l3taW2 8*^RAM (Rando 
m Access Memory) 2 3 ten— F tStlfc^u ^ixtcftG 

m\ H*SiJt»««rCPU 2 1 IcmffifZo RAM2 3tctiS 

/c, cpu 2 i A^a<oJttfi*^tT'rs±tcj3i^T 4 esKft 

[0 0 2 6] H8 l ^{fcfcl^8IS2 4 lis 3 >"r >^-r-** 
Hff '< t*T 3 i: i: t lc , iS£ Htf ' J f 1 2 ft T i > S n > r > ^ 

ATRAC (Adaptive Transform Acoustic Coding) 

-Y>^Voi-X3 2^LT K7^73 Otcfg^^tlT 
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[0 0 2 7] ¥^t'J4 4(t 0J*tf, ^t'JXf 
^y^ (iffift'O &£iCcfcDfflJ«;*nSo 

[0 0 2 8] CPU 2 K ROM 2 2 , RAM 2 3 , Bg^lfMS^ 
^2 4, *3<fctfn— -r-y *SB2 5 «u /U3 l^/MT 

^7^7x-X3 2 fcSM&SftT^So 
/(9 [0 0 2 9] A*iH>^7i-X3 2tCti, 

H\ v7X^^i: 0&SA^JSP2 6, CRT, LCDaif«fct) 

2 7, /N-Kf r >rx^ftHJ;OWfi5t^n«,?21flrtP2 8, 

2 9tffiRSnt^5o ai<iSI5 2 9 f±, Y7^-^7h 
2*^LT^iifl{8ffl ! ffl*fi : 5o 5ffifflffl52 9ttS/-c, ffi^O 

[0 0 3 0] Aili-i^>^7i-X3 2(C^^/c, 
) 1 C7 :: >X^4 2. >tf^a7 :: VX^4 3. iSlHiWf*^ 
J>ea-^7°D77A^ ^tC^l:Tgd'tSg[5 2 8^C 

Y>X h — ;^n^ 0 
[0 0 3 1] Ea*tt*BS-rS*^ 

T(±. Bd2C0WfigCi, n>-r>^1t-A3, ^Y-tr>X 
[0 0 3 2] %UC, m3<Dyu-?-v- h^r#! J .aLT, 

^7Y7>h i ^3yf>7^^3^bnyfy7^) 

[0 0 3 3] a— tf*V A77 A ^2 6*«ft=-rsc:4:T*=i 
>7 L >^^-/^3tc^-r^r^-trX^lli^'r^i:, CPU 
2 1 Xr77°S 1 tCfcl>T, M{ l }ffl5 2 9*3iiJWL, 
-O^— T^y h 2^frLTn>7 L >^^--/N3tcr ^-tr 
XH^c Xf7^S 2tCfc't^T, ^—+f^\ X^jffi2 

CPU 2 1 C^ffiTHM-fti^SttUXO, iffif3g[52 9^ 

h t£F8 L T »id5-r ^> ck 5 , c cO)ffi):-p 1 1 a > f- 
^ 3 ti, Bft y^n/cnyf77 T 2, ^ ] 

LT<S<DT% Xf7 3tC*5l^T, CPU2Ui, M 
mffi2 9«r^LT, C con >f> ^-r-^*S«r 5 

7 L > % y-r-**rd«ffl5 2 8%«lrict5A- K-rVX^lc 
50 tltt&L, iE«*tt*o 
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[0 0 3 5] XT77S2 1 IC*5^T\ 3>f>7*- 
^3 ©CPU 2 1 — F 2**£iii«8B2 9 

U r**X*§tffcfc«5£L;fc£:#, Xf7^S22 

[0 0 3 6] Xf77°S2 3iCfe^T, 3yf>7^ 
3 ©CPU 2 1 ti, *E1fiffl5 2 8^^'ti^nTi^n>f- 
V^y-r — £©^6, Xf77°S 2 2©®JITi&9)£3: 

n/:tNi^?nfca >7^M^aii- 0 cpu2 i 

Ci, Xf7^S 2 4lC*5^T, ;EffifflS2 8fr6SW*m£ 

3>-r>*y+— Kc*MJi/^TH|'fiJftS-ti:So 
[0 0 3 7] ."ElfinflZ HiCjtZ'ljS^nTl^nv-rV^f" 
— 3— r r *y^i 1 f|5 2 5tC«fcO, I#KATRAC 3 

J; ^xva- K?tiTi^o)t\ c©x>n— F£ftT 

[0 0 3 8] **5, fSS/U flataSIS 2 8fcT'*»S#{t 

§o C©^tCt<*. XT7 7 5 S2 4«IliftWC 

[0 0 3JJ] iWC Xf7 "/S 2 5l£*5l^T\ 3>"r> 
*y+f— /^3©CPU2 Hi, BtfWfcLfcnVxVrv-r--* 
*fc>£~?2>y *-v<y F^r^^^y^ Hg^ffcS 
ft T i * 5 n vf > ^y ^"T £ to i&SSft*- «« (H 
5*#5(iLT»y?f SEKBfcKEKBC (Kc) ) ^>"r> 
y *f "J/fl-T £ ©tc£^& ^ ^ -tr > XJ&MtgiJf & fci6©^ 
^-teVXID^t/HI-rSo fit, XT7 7°S2 6[Cfct> 
T\ 3>-r>^y+f— ^3 ©CPU 2 Hi, Xf77°S2 4 
OffifWHiVjMtbfcn^-rV^fc, xf7ys 2 SOfflL 

7hftt/:f-5?^, Jifif, =;rtl5 2 9^5, ^>^-^7h 

^ o 

[0 0 4 0] g|5t±, C©cfc5tcL"C\ nv-r^y+J"— 

/N3^b^7^7y h i tc3>-r>*y^(tt*esns«ia' 

-5 tc. c©"7 * — v>y hti, (Header) £"r—$ 

(Data) fclc£S*»fiJ£SftSo 

[0 0 4 1] ^N^y^cti, 3 y-r-^y fi 1 / fli (Content in 
formation) , 9 i> r £;Hf?'JB fHltflffl (DRM (Digital Ri 
ght Management) information ) , v-f-fe^XID (Lie 
ense ID) , Y^7"U>^-7"n7^ O&SSMfc*- 
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yay?) (EKB (EnablingKey Block) ) *5<fctf, EKB 
>"y4=— Kcfc LT©^— ^Kekbc (Kc) tfBBBSftTl^ 

[0 0 4 2] nv-rv^yt9*tctt, f-^i:lT7^ 
v>y hft^nTi^ny^v^x— **JISBiJ-r*/-c«>(0 
WHiJtSffifcbT^nVT-V^ID (CID) , ^©n>ir> 

y<D=i-T »y ttottia E(D'\m&n£ ft r I > § o 
[0 0 4 3] x^^yl/ttftBJatSSitcji, nv-r^y* 
{*ffl-rSKHU*5«fctf«flg (Usage rules/status) UR 
L (Uniform Resource Locator) tflEiftSftTl^So fiE 

[0 0 4 4]URLte. ^^-trVXIDT^^n^^-f-tr 

y x fciwrr * £ # r » -t x-r * r f u xtfffti r* » o > 

a 1 ©'>X-rA©if3\ v-T-fe>X*SW 
S/-c*tC^2S&v>r'fe>Xit- ^4 0T KUXTSSo 

^y *?uj ij-t £ ^^^^7^-t > x*,ittMij-r s fe 

[0 0 4 5] -r-*fci\ ffijfl©»«lWiJft^P i y* (En 
cryption Block) lc <fc &BffSMfc:7n -y * 

ti, >f^y + M> (IV (Initial Vector) ) . v 
— F (Seed) . *5 .fctfn >"r yVy?-2%*-K' cT'Bg 
-}ftL/c-r-^EK' c (data) tc <fc 0 BritSntt^o 

[0 0 4 6] ^-K'cli, ^{CcfcO^^nScfc^tC, 
nyfV 4^-Kc i: , gL»T-igi'4i £ ft 5fiftSeed*v n ^y v 
I jy K tc M/ 1 J L T fiiiTJC £ ft /c fu'i «t D W/K £ ft 5 0 

[0 0 4 7] K'c = Hash(Kc, Seed) 

[0 0 4 8] Jr-y*;\,H? F;l/IVi:v-FSeedti, 
BS t ^ n -y » » 38 ft S ffl KSI £ ft £ o 

[0049] ctoBS^ttt, z2y^yy(DT-^^8^ 

^hWM»Lt, 8/n-T FWtc?T^ft^>o »fa©8 
/W FOBBEWtCi, rWBi<0 8/W h<OBS^{t<Ojp.S»i«rf'J 
/flLTfft)ftSCBC (Cipher Block Chaining) t-KT 

ff^ft^o 

[0 0 5 0] CBOE— K<D4}^ U?/J©8/WF©n> 
-rV^y^-^^Bffi^trSi:*, ^©iirjK©8/W 
BS^ft*S4R*^fibftt>fca6, fR*KJ«0 8^>f KD3>f 
Wr—#*:ti5mttr F;HV 
«r«II«fiifc LTBB^t^ff *Jft*o 

[0 0 5 1] CiOCBC-t-KtCcfcaBS^ft^ff^Ci: 
T% locDBg^t^ny^^lBK^ftfehLTt, ^© 
fifiOBg^t^n »y ^tc*5 cfc^Cc h^fflfffij^ft 

[0 0 5 2] 4*5, C(OBffliftlCOt^Tf±, H 4 6 ^# 

[0 0 5 3] Hg^^tC^V^TtiCfttCffi^ft 
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[0 0 5 4] VAA\(D^olChr, ^7^7yhH^ 3 
[0 0 5 5] LfrL&tf^, S^7Y7>h 1 W\ Btf'J 

§ o 

[0 0 5 6] Xf7/S 4 1 iCfe^t, ^7-f7>M 
<DCPU2 H±, :x-tWA*iaS2 6*tftf^"r 5Ci:T*JB 

>j^L/-c3>7 L >^o,aiMijti , f« (cid) ^Hxfj-rsc c<o 

[0 0 5 7] fit, CPU 2 1 tt, nyfWtffflSS 

3 > X > *y «rfl!ffl -T S cO ^ Y -fe V X O I D) 
MR5o CO^-trVXIDli, g| 5 iC^StlS £ "5 fc, 

[0 0 5 8] :^tC, Xf7 7°S 4 2 tC]iii^, CPU 2 1 
ii, XT77S4 1 T^^bft/c^^^>XIDtC^6 

ft. E«f5[5 2 StcElfi^nTV^A^^SrWai-rSo * 
/c\ ^^-trVX^HM^^ftTV^^ty-^lcti:, Xf7^ 
S 4 3lC]ffi^ CPU 2 1 tt. ^>r-b^XIRWffla*^f : f 

[0 0 5 9] Xf77 P S4 2fC*5^T\ ^ Y -fe > X jW8E 

S 4 3Kfc^T\ 7Y^yxWfW!^fr^ti/c$£ 
^^-feyx^lRfiJSnrcJSn, Xfy^S 4 4tc]ffi 
CPU 2 Hi, IRty^ftTl^^^-tVXfi^jMSM 
<D fe cOTfe S "Sfr* W&f £ c ^ >f -br > X^ft* J»)tH 

ttsnT^jwiH (»y5-rsBi8#KO *-rv2o 

cfc 0 ,ltn* S ftT ^ S Sift EJ i: fct«T £ c h T*WBf S 

ft s o mmm^mc mrLx^zt w& 

$nft«}^ cpu 2 i xf77s 4 stciffi^, ^ 
^vxMirr^^^ff-r^o cwv^"b>x®jfr*aaa) 

J¥*HW\ RSI 0tO7D-ft- h*#R9UT*SB-r*o 
[0 0 6 0] Xf77 P S 4 4 tCfel^T, ^^-trVXtiS 
/£»S»JWIErt-t?ftSi:W^sn/£itt^ Sftti, Xf7 
7°S4 5tc^^T, 5-r-tr^x^UiSf^ft/c4i^ Xf 
77S4 6tC}ffi^ CPU 2 1 a, H^J-ffc^ftTi^riv 
f->^-r-^^ ( £1fi^2 8fr5,b'«*aJU RAM 2 3 Kfa 
mZ^t&o ^IT, X-r«y7°S 4 7lC*5^T, CPU 2 1 
J±. RAM 2 3tciB1ft5tlfcOS^ft^n-y ❖ (O-r— 

Bl 5 coir-^tcpiLlK^ftTi^ng^tyn »y 
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[0 0 6 1] 3>-r>'y*— Kc*t'JS>ji£-om*ffJ«, 

m \ s^BaLrfftiE-rs^ t^yx/-f^ (dn 

K) (B8) «rJIIl^t\ EKB (0 5) &Cf*|;ft3*-K 

^Kekbc (Kc) (H5) 3>-r>^*-Kc«:W5 

[0 0 6 2] CPU 2 Hi, 2 Xr-v/S 4 8lc*5 

/0 B8#{b#^8P2 4tCcfc^^^^ft/ia>-r>^"r 

-*«rn— r'y*gS2 5lc«*6L, f3-KS« 0 * 
IT, 3— r»y^flB2 5 tci; 0 f3- FSnftf- £ 
«\ CPU 2 Hi, Afti^-O^x — X3 2 fr€>fli*jffP 
2 7tC«ISU D/A£SSS-e\ Xb°~^^H/j£^ 

■ [0 0 6 3] ^C, H7(0"7n— ^-v— h*#HabT, 
i6^Xf77°S 4 3T*fffctlS'7>r-fe>Xffit#ffl.a(0 

[0 0 6 4] ^7^7yM(i, y?Hijtc^-f-b>x^- 
20 /^flSatSilitCj;!}, U — "7 ID, DNK (Device Mode 
Key), ^7^f7> h 1 <D«H5BS! • ^IWSI^^T', 
VX-9--/W^IJH»s &0 : »4>IWl«O,tiEWI. l f*rV€f*- 
tfX-r-^«:IR^bT*5<o 

[0065] u— T7iDti. z^-cyy hnicm*) axe 

[0 0 6 6] WWtCXx-y 6 1 tC^ol^T, CPU 2 1 

URL^. a5tu/fN-r^N*y^A^IRf#-rs 0 _h^L/cJ:^ 
tc, ccoURUi, -^ti^^'y ^"ici'Cjdi^ftTl^^-r-tr 
>XID*cWlS^Sv>r-lr>X*lRW-rSi:*T*'feX'r 
^S7KUXTSSo *CT% Xf V7°S 6 2 tc*5l> 
T, CPU 2 1 X-r^y7°S 6 1 T*IK^ L/cURUC Z 

2 ^iT^-rtyx^M tcT^-bx^Ttoft^o 

C^^^, ^-T-trVX-t— /^4 {i, ^7-Y7>h new 

40 ^^^-r-tr>x) *ffi^-r5v-r-b>xmstH*. m 

mc^.-^IDh^X7- K<OA/J*E5RLT< S 
•T^tgigOXf^ys 1 0 2) o CPU 2 Hi, CcOS* 
«rtt3^jffl5 2 7 £D^g|UC^^^^ D a— 
?j^cSo^T. A7 L jffl52 6^^LT, 7-T-b>XiB^ 
tflffi, ^-+flD, fcd;0 : ^X'7- K«rA^-rSo 
CCO^l— +HD^X7— Kt±, ^7^f7yMW-f 
^, Y>^-^-y h 2^/TLT^^-t>X^--/N4 tcr 
HXU *ffi[(CKt#LT*5l^ctOT'fcSo 
[0 0 6 7] CPU 2 1 ti, Xf7yS 6 3, S 6 4 tC*5 
JO t^T. A*SB2 6*^A^Stirc^>r-trVX»giJWIH«: 
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ffXO&tfhht^ a— -tHD^xy- F*rlR*)i&€fo 
CPU 2 1 (4, Xf77°S6 5l:l3^T, iffifagfl 2 9 
1»U A7 t j£ftfc^--^ID < ^X T 7--F£\ ^-tr>X 

T^>T^>X+f-/M(c&{f 

[0 0 6 8] ^-f-tr^X^-zM (4, Kd9*#P.aLTtS 
3di*f£cfc-9tc, zl— +f , ID^/NX r 7— F\ MtHc^-r-t> 

l 0 9) *\ Sfeti. *{**Wc2ft«:^*£fc: 
(4, 5-f-tryx^fa'LTc^t^ (Xf 7^S l l 

2) o 

[0 0 (3 9] Xf'y^S 6 BtC&l^T, CPU 2 1 (4, ^ 

-r-trvx+f--/^ ^e>^-r-b>x^fi ^nt^c^g 
*p* ; pj&u ^-r-trvx^jMm^nrt/ciy&tcti, x 

T7/S 6 7(Ciffi^ ^-cov-f -tr>X^SBti^2 8 tc«t 
[0 0 7 0] Xf77°S 6 6fc:*5^T* vY-tr>X?b^ 

fa^nr^^i^^j^L/cii^, cpu 2 ni, x-r^y 
bn^i^)T\ 3>-r> % y»i*i?fe*af | i!*«± , rao 

[0 0 7 1 ] W±©<fc"5(cUT, H^7^7>Mtt 
n >-r > y -r— 2 \c ttKII L T i ^5 ^ Y -tr > X I Die *tl£-f 
3^Hr>X*:lRf!JLT, f/Jtf>T, ^W^^f^^fi 

[0072] ftfe, m^^vxiawfflfiw:, s-^ 

(c^3C fcfenjfilrefc^o 

[0073] f?^T> h i jcfidflt^ns^-r-fevx 

(4, WJ*tf, [*] 8 (C7*£ft3 f£ffl*fK 

[0 0 7 4] {gffl&mcti, ^^-t^XlC^l^ 

^-tr>X(cMo<^T, n>-x>^^r^^7>n— F^3 
c fc^rijflgft^vn- FJW»L t^f-fevXlciS-S 

CD-R*cE»"T5Cfc^T'*SfllflK PD (Portable Devic 

e) tCntf-i-^Ct^nJftg^lHl^, 5 4 

[0 0 7 5]*:, Bd9©7n-^^"-h*#B(lUT, 

[*]7^^-rr>h i <o ^ -r -t > xiwjwiuc #je l t 

7^7>h io#5/£(4, ^^-trvx^-/^ 4 (Dffir&b L 
T3lfl]£ft3o 

[0076] xf7^s i o i (c&i^t. -7-r-tr^x-^ 
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-A40CPU2 1 (4, ^7^7>h 1 ^T^-trX^rS 
ttSST*t#«U r^-feXSrSttfcfcfN Xf7^S 1 
0 2lcjflU^ 7^-t!XLt^/c^7^7yM{cWL 
T\ a-tHD^AXV- F\ Ktttc, ^-f^yxffl&fi'j 

;\X7- F\ U — ^IDHfemc^^-feyX^W* 
ir>XID) ^jMm^ftT^/ch^, ^-tryx+J— A4 
<0CPU2 Hi, ffi{3SP2 9*^LTCft*21!U ffXO 
/o )itr4[ifI*^ff-r§o 

[0 0 7 7] fits ^-trVX+T— /M0XPU2 1 
(4, X^>y7°S 1 0 3(c£>l>T, iCQf. ?fH5 52 9 5 .SB^ 
— /n5 icr^-feXU n.— +f IDfc^X?— F(c*tj£-rs 

— h 2^^bTv-T-lr>'X+f— ^4^^^-faaiffcO 
Si:, ^6oa.-+f , lDh^X r 7- Ftc^/S^TS 

£\ ifi£-lc 7 >r -tr yx^SfflOflil *<0%W*1b 3 fr5 
frftH**^ ^<0£5&3g*I^&u>tf£r(c(4, ^>f-ir 

[0 0 7 8] Xf77°S 1 0 4 tCfcl^T. ^^-tr>X^ 
— 4 tOCPU 2 Hi, K^th-^5^e»(0-'^ij|iSil4*\ 

?r^«:*iJ3£L, ^>r^>XOf^ASttS?5ftTi/>S«^ 
tcti, Xf77 P S 1 0 5tC)ffi^, Xf 77^S 1 0 2^4!1 

f 'i! o)i*ftfcv^-t>x Aii ti'i w £ w/£-r s ^ -r 

>X^r, ,iSifli , 'ffi2 8tC,gtfi^ftTl^v-r-tr>XCD^^ 
JO «^to rd«SB2 StfBlflffhTl^^^-bV'X 
ti, &e>^U#)v^-tr>XID, ^->'aX f1=7jEHB#, 
^»!BB^<OtS$BA^did5ffftTl^Sc Xr77 p S 1 0 6 

tc*5i>-£\ cpu 2 ^(o^-r-fe^xicsiaLfcu — 

■7ID*^lm*rSc ^b(C. Xf7 7S 1 0 7tCfcl^T. 
CPU 2 1 ii, Xf77 P S 1 0 ST'jatRSftfc^-f-bVX 

tc Hf&~3if ^nri^ww m^mR-t %o & % ^ (4 s 

fefflja^ftTv^fseffl^tc^ipsftSo cpu2 K4, 
40 satR s ft /c f^iffl ^ff * ^ ^ -t > x tc {>t ^ -r ^ o 

[00 7 9] Xr77 P S108l:M^T, C P U 2 1(4 
^ -tr > X -9— ; ^<0»¥B« tc & *) ^ >T -tr > X (c L , 

[0 0 8 0] ^tc, x-^^y *7°s i o yci^ ^-r-b> 

X+f— /S4COCPU2 ltt. teO^-Y-bVX ([H8(C7fx^ 
n^K^ft't^) £\ iBSHSI5 2 9^6-Y>^— h 
2^/>LT^7^7>hl (CiMffi^^-^o 
[00 81] Xf77 P Sl 1 0(Cfel>T^Y4z>X-^- 
50 /N4COCPU2 1(4, Xf7 1 0 9<DtBMX\ t/^*iSS 



15 

ii/:7^^yx mm&ft'. u-^io^t?) *\ x 

f77°S 1 0 2(04ttf.ITIR»3ji*nfca— IflDk/^Xy 
- F tc WfS L T , KJtSSP 2 8 tc |B« S Hi 5 □ 5 ^> X 
fy^Slll tc*5^T, CPU 2 1 ti, ,fll^fflf'l!*:Jt<f7 
-T^o ! if* Wick*, CPU 2 Hi. iDSf,tffl5 2 Qfr&.iS&tr 
-/n5 tc, foa-f ID^/^xy- KCWJSt^a-f 

tc*t-rsa^«ifi«:g5R-r4o 5 c^a$ 

3.- "tf ^frfrfcfr o/Cct9 &ii£rtc ti , fct» N 

[0 0 8 2] -r*^*). cco^tcti, JM-^5/)> 
6 ^ -< -b > XcoFt ^£^n!T- "f <h T % tjQtSyHtfjSffi £ ti 
T< £orC\ Xf'V^S 1 0 4^6Xf 77°S 1 1 2 tC 

}ffi^, CPU 2 Hi, x^-fflfi*igfrr*o flf*Wtc: 
ti, ^-r-tr>X^-/N4^>CPU2 lti, ifi{8SB2 9*l6iJ 

[0 0 8 3] c<Wfi\ ±a?b/£J:^(c, ^-co^^Yr 

>F 1 ti^i?>X^W££ tco 
t&i^c htc£:£ 0 

[0 0 8 4] m\ Oti, tgecOX-r-y^S 4 5tC^tt^ 

y~fS 1 3 1 7!i^X-x^7 0 S 1 3 5^M(t B7(OX 
x^7°S 6 lMXT-y^S 6 5<DfflfflfcS#Wfc|WItt 

^oSttfli-efeSo fc/£U xf77s i 3 3tcfc^T, cp 
U2 i ti. ii«A^&^"fe>xT*&*<. iiiSFf-rs^-r 

-b>X^^^-tr>XID^:lK0iAOo fit, Xf-y^S 
1 3 5 tC&^T, CPU 2 1 ti. rL— +nD^/^X T 7- Fh 

>x-y-~^4tc^r-r^c 

[0085] Xf77°S 1 3 5<D)MM^tC#J,SLT, 

^-tr^xtr-'Mti, f£ai-r*J;?u:, Wiffl&ft-fcH 

^IT<^ 1 1 <DXv-V~?S 15 3) o tCT% * 
7^7>b 1 <DCPU2 1 ti, Xf^yS 1 3 6 tCfcl/^ 

LfcOt^o Xf7^S 1 3 7TCPU2 l ti, KUiOJ: 

■9 tc l r aw £ nrcffi ;h ( ^ -t > x * % & 

WO SIWAt'S/i^^Lji^^^-bVX-y-— ^4 tc 

^■feVX-fr-zMti, W»Wft«JIJ*fl i *i5S<,?UT< * 
(Ed 1 1 ^)XT7 7 P S 1 5 4) o fCt\ Xf77S 1 
3 8tc&^T. ^7^7> F 1 OCPU 2 1 ti, ^-Tir> 
X-y--/<4^6tO{jtift]*ff*JRfflL, XT77°S 1 3 9 
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tCfct^T, *<Qffiffl&ft*IE«8|5 2 8tc-TT^c|S«$n 
Tt^m , rS'7-i'-b>X©ffiffl*ff^LT"£|ff s rSo 

[0086] gi i i ti, v^r> h i o^-r-tr 

> X ill Hrfflfl! tc W IS L T . ^ Y -fe > X It— / * 4 tf'JlSfr'r 
S^-<-fe>XiUrr*afl!«:aibTi/^ 0 
[0 0 8 7] K?7JtC. Xf77 P S 1 5 1 tC&^T, ^ 
-fcyx+f— M4^XPU2 1 ti. ^7^7>h 1 frh<DT 
^-trX£§tf££, Xf77S 1 5 2tc*5i^T, 
7>M ^Xf7^S 1 3 5T*iJg«Lfe^>r-b>XfflSg 
/o ■b>XE*fffi3R««i:i:t*i:Sfi-r*o 

[0 0 8 8] XT7^S 1 5 3tC*5^T, CPU 2 1 ti, 
^ -Y -tr > X £D UI JSTr 'iS**Sf, i i "T £ £ . ^<D^y^ -tr yxtc 

^eM^abb, ^7^7>h ic^fii-^o 

[0 0 8 9] CCOfti^tC^tLT, J:^L/ccfc^tC, 

^ryh \fr%mft%fc<r>M\i*m\ ocox^-y^s i 

3 7<DS&fIT*^L&£ft5£:. Xf77"S l 5 4 tcfcl^ 
X, ^-Y-tr>X^-/N4^CPU2 l ti, *L3iSnfcffi 
ffl^fftcW/St^f-^^Ml, Xf77S I 5 4 tc 
20 teO^T, ^7^7> F £ ltcj&f.rr^o ^7^7>M 
ti, .bJdib/ccfc^tC, Xf77°S l 3 9©aiPI!T*Sf.iL 
/cfiiffl^f+^itj^T. -rTtcaSStiTi/^S^-f-feyx 

[0 0 9 0] *5§Wtc4ol^Tti, » l 2 leasts n&£o 
tc, 7n-K+ + Xh^>^'jy>'3> (Broadcast En 
cryption) 7j^^/j;UItcM^>T, -r/WXfc^^-lrV 

n, (leaf) tf«^<Of/^XO*- tc 

30 (0 1 BfSO-fVN-rx^fcti^ ^-bVXtcWjcK-rs*—^ 

[0 0 9 1] ^4~ti, HM^L0IT^SnS % V U—fllifi 

^y-Ftc^iSLT^i/ii^ti^o c^ijTti, »±a 

^;V-h7 - Kfc^jcELT;!/- F4^-KR^\ 2P^Sco/ 
- KJC*M;UT^— K 0, Kl^ 3SQ<0/-KtcW 

islt^-koo;ski \i>\ 5n4an«y-K»cw 
jslt^-kooom^-ki i ^n^nwes 

(f/WX7- F) tc, ^-KOOO 07^K 1111 

40 t>\ ^nfMis^nti^o 

[0 0 9 2] ffi««!iSi:SnTi/^Sfc«), WJxtf, ^~ 
K 0 0 1 0 0 0 1 1 <D_htt<D^-ti, K 0 0 1 £ 

^tl, +-K 0 0 0^^"K00 K 
OOfcStlTl^o WFfRl«^, ^-K00^-K0 
1 0±teO^— ti, KOh^tl, *-K0k+-Kl« 

[0 0 9 3] n>-r>^«r?ijffl-r^+- ti, »TS©f 

tco i oco/^xco^y- FtcttJSt-&*-Tgfi2n 

50 WJilif, §^-3co/-F (U-^ID) JcWtE^S^ 
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K 0 0 1 1 , KOOl, KOO, KO, KR*&tf^X<D 

[0 0 9 4] ^gnj]OvXf-Atc4ol^T&> 0 1 3tc^ 
2tl££-9^ [Ml 2 0Kif l l!tcJ 1 Wl^TffljS?nS4 : ~ 

tffrfefl^o Hi 3<0fMT*fct, 8 + 2 4 + 3 2l30y- 

TO&y - KtC^-r 3 U ^*nt;^nSo C C fc W- £ tj 

U ^rfOl/fj -T £ «S»CQ * T" =T U . "fis * JWKiXfcSffif-r s 
««f}<0*"rdru ^^/cijri^at^ fit, 
L^^jfi'J /— FO^tO 1 OE>y — Ktc, ^ + -t?:y 
X^ : lt§^Xf AhbT*yXfA (TyXfAil 
ftt5) ^WiK"rSo 
[0 0 9 5] t^t)^, COTv'X-rAcD/— F£9S 

§ o 2 6 tc , H TflliJcO 3 2 gi<OR£« tc cfc D , 2 3 2 m 

SCfc^TSSc WTfJto3 2 So/- KlcW/E-rs* 
DNK (Device Node Key) *:#WJU «>*BW>»J — 

[0 0 9 6] ^rvWX^ Y-tr>X<7y^— t£> 6 4 
(= 8 + 2 4 + 3 2) pa<0»/-Ktfl|/«SftS^XO 

n/c/NX^VM-r^/- Flc*tJ£f S^— «:ilK^T0f'fii 
ftSfiSo JifiwW/tf ^onV&o^ YttmWiM 

»a?-rs) rttcB2Bn^nSo wt^dnk{^ ekb 

£0^7^7y F lt-W5ti5o >7"7<<T y F 1 14, v 

f-^ifctmsaffistiSEKB (hi 5) rttcieai^ 

*JII^T. E K B WC.EMSflT^SS £tC^O 
ii^lWi^^-^^'J-r^c W±OifflFll«:)l|fU*ff 5 C t 
T\ ^7^7>M(t -^■o^ + 'tryXco^Xtc/St"^ 

[0 0 9 7] HI 4 icPBJH y U -r =f »J <0#Sfl 

coift±BHc«u h^-KR2 3 o i #KB£S*u WT 
<Dff>|IUUHct±y- F*-2 3 o 2tf;-BftESft, RTKK 

[0 0 9 8] i±^6^MK[^j (HI 30tfi|Tf£. M 

= 8) £onrr/i£^y- K^f^'j y— F2 3 0 4 1 lt 
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fautof/wx^y-F^^n^o ggMKoi-^o 
y- K*rrijSfc ltm + 1 toto/- f\ »j-7t±, 
^(o-hT-u u jcrvsns-r/wxicuu-rsy — k^^^jf 

[0 0 9 9] M^lfHl 4^MSi«10(0/-F2 
3 0 5tC(i^T-dU [^^UXf^y^ ] 

^sn, c«/-K«Kffl&5/-H, u--7^y^ 
10 wffl^y- KSfctiu— it^^n^o -r&fr 

5, y— F2 3 0 5WT*\ ^-e'JXf+y^^fn 

utc^a^n^^vwx^i^yjy- f\ ^^tfu-^o 
[0100] setc Mm^mr7-rh~im&*^7'±> 

r-dfuy— K2 3 0 6 i: Lta^T5Ci:^SSo H 
14<D#ijTl£, ^Jfn'J yt'JXf^y*] y— K2 
3 0 5<D2WF<OS— FtC, ^'JXf^^Wl 

/cr/wxo^f^ij ^t^n^^y^fn'j y- 

2fl £ Q ^y^-rdTUy—H-tPfeSMi^'J/Jllffioy 

-F2 3 0 ewTic, fiia-iwuasiD/j-fdrujct^sns 

S*By=«fllft#«3Soy-K2 3 0 7^?n, ? 
6 ^ coTfutc . £ vligSo * t- dT U 

[ p h s ] y — k 2 3 0 8 1 , [mwtiMS] /— 

F 2 3 0 9 tfKSlSnTi^So 
[0 10 1] ^^tc, ^jfa'J, ^^^T-^Uti, 

fn'j y- K^y-A^y-^-oiK?e-r^y-A« 
y z Wfflcoiruuy- LTS^-rntf , y-^j- 
^BS^-rsy-A«s«}x y zic ^-om^y-Fix+o 

40 F O -r / n << X tc *f L T <7) U / H "I ffg 8: 7 s ■ - ^ ^ fiEfH 
[0 10 2] CcOcfc^tc, l o<oy— K^SrlH^i: LT, 

ttToy— K*r*<o]Hj&y — Ftc/ga^n/c^T-n 

SSWi-y-y^-rrfUOBBiaiy- Fi:LTSA£"rs«/S 
t~?%c tick 0, *riUg> fe^tH^^fi'J 
SO 1 ^Offi/Sy- K*rfPI!t'S^ — , 
fu f n+ pmft^oi y - K*TjHM( t -r s s»{t*-r n 
^y^ (EKB) ^5iatc^/;JcLT, M^y-KWTlcH 

50 tcJS^^i/^tiico^T-n Ucoy— KlcB-rs-r/^-f Xtc«i 
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<5 o 

[0 10 3] m?Ll£. HI 2lc>7xSft5^ U— WJEtcfc 
1, 2, 3&y— K*-fcLTttilfi04— K 0 0, K 

iilcffifrTSy — K*~K 0 oef**3>"r>^*»-f: 

-TXO, 1, 2, 3C0^^3M^33>x>^4~0^ 

/— F^-K 0 OTBSiJftUfcfiftE n c (KOO, Kc 
on) «\ **y hV-^«:i>LTaoSi^iK!»!«t**ctt 
ibtfV^XO, 1. 2, 3tCfiQ^"rtlte\ 7vWX 

0, 1, 2, 3^ft\ ^n^n^r^wxtc&^rfs 

*rrS«fcV- K+-K0 O^ffll^THS^E n c (K 0 
0, K c o n) ^^l^T^>T-> v y^-K c o n^rffiS 
CfctfnJflBfcfcSo fc*5, Erie (Ka, Kb) (iKb 
^Kaiaot D,1 Wfc L x - * T'fc S C * jjVT o 
[0 1 0 4] £fzs fc^BSiAU tc&i^T, f/^x:^) 
H7Mf3"5JttK 001 l f K001,K00,K 0 , KR^X^ 

*nWP*. ^>X-r-A (f/^XO, 1, 2, 3 

^X3^yXf^bW««^§ 0 ZCDTctblZ 
fcfc, y-H^-KOO l,K0 0,K0 f KR^ Ztl^tl 
ffitcfrMK (I) OOl.K ( I ) 0 0,K (l) O.K 

(t) RtcaifrU f/Wxo, l, 2Uz*<DUiSr*— 

^fc^S'Mil^&So CCT\ K (t) aaati, St h K 
a a acotttf^ (Generation) t 0~£&r4— T£>£ C £ «: 

[0105] uirr*— ^Baffiaafs-^t^T^wj-rSo 
coMiWrti. rnzis. mi s Aic^nmt^-y'uy 

(EKB : Enabling Key Block) fcpfyf tx£ 7p v 
— £lc<fcoT«lKS*lS'r— **y h7-^^ 
LT, fc«l/Si,E«i«f*tc«jWLT^/^XO, 1. 2 

■RMfc*- la^TMSnSo Gftoit*—7w* (E 
KB) 14, ^r— IGfr^n-y ^ (KRB : Key Renewal Bl 
ock) fcn?lfft*ci:fe&5o 
[0 10 6] 111 5 AlC^^f/fljffc*— 7"n«y Z (EK 
B) fri, /— ^yirr^^'^^^VWXO^^UlSr 
nrfHa«r-?4»fS*«o7D >y LTlftricSn 
5o Hi 5A<DtfiJU\ HI 2tC>"S-T^U— ^^W^^ 
YXO, 1, 2&C*5^-£\ m^l(D!llffiS-V*-%:ffi 
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Hi, £Wf/-K4=~^bTK (t) 0 0, K (t) 
0, K ( i ) Rtf*&'2ST*fc<K f/UX2(t Ui&ry- 

K^-^ITK (t) 00K K (t) 00, K (t) 
0, K (t) Rrt^'iilT&So 

[0 1 0 7] H 1 5 A<DE K B iC^Stl* <fc 5 fc* EK 
B^ttffiacOPg^ft4 : ~*^SnSc HI 5A(?)M7PS 
«OHe#{t*— ii, Enc (K0010, K (t) 00 
1) tfe^o cn^fV^X2(OMo'J-7^-KOO 

/o l otc^oTUg^fb^n/cWr/- K*-K (t) oo 

K (t.) 00 l*fJ5Cfc^T'S5o ftiiJtC^O 
?9fcai«fy— K*— K (t) OOl^JIJl^T, HI 5 A 
£DTfre> 2ian^HS^t*— E n c (K (t) 0 0 1, 
K (t) 0 0) *<flr^wjfi!fcfct>, 3I»fy-K*-K 
( t ) 0 0*§5Ck^T*t*o 

[0 10 8] IXTII&fc, H 1 5 AO±^e> 2©BOHg^ 
ft*— E nc (K (t) 00, K(t)O) tfi^tS 
20 chT\ 'ii#r/-K4— K (t) O^l'ibn, cn«rill 
t^T, H 1 5 AtO_b^£> 1 ®l \0W;V>j\t*—Y. n c: (K 

(t) o, k (t) r) *m.mr%>z.t.x\ iB»f;i/"-h 

3r — K (t ) R*<f96tl*c 

[0109] -->b\ y-F*— k o o o«sErr-rsw» 

LT*^&Oi2u K (I) 00, K (t) 0, K (t) 
RT'feSo y— FO, 1 li, fVWX^KOOOO, 
K 0 0 0 1 SrJIJ^T, H 1 5 A«±^5 3©| l<DHfii;{fc 
Enc (K000, K (t) 00) £:fti''J^£C£: 
50 (t) OOfclfcfiJU WKIK^, H 

1 5AOl*>6 2SU«^-Enc (K (t) 0 
0, K (t) 0) »yt§ctt\ iiirry-F^-K 
( t ) 0*rfih H 1 5 AcOJifrS 1 SH^WA:*--- E 
nc (K (t) 0, K (t) R) M^l^T, "«£ 
»f;l/— h4=~K (t) R*t9So Cc?3J;-9tcLT> x/^ 
^xo, l, 2tiUiS»fLfe*-K (i) R*?'J«ci:tf 

[0 1 10] ^c4b\ m 1 5 A<D-<>TV ^Xti, IH^fe 

[01 l l ] Hi ziCTf&W—ffij&cn ±MWl<o/—V 

(t) o,k (t) R<D'$itfitf^nT*&*). y- 

K*-K 0 0O*OE»r*Eia*^2gT*«SiM^c(i, H 

i 5 KoimMt*- y^y ? (ekb) ttmi^zct 

T\ UiMy— K4— K (l) OOSf^XO, 1. 2 

[0112]|15 BtC/f^E K Bfi, WJ^tfWpaiiDy 

5«&tc?iJfflpIftgT*6So IMiJtlt, Hi 2^Ml» 
50 t^t^-^rtOf/^XO, 1. 2, 3A^&SIE» 
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(r) conWSST^Wo C^tl f/WX 
0, 1, 2, 3<£>ftiffi<Dy— F*— K 0 0*M#rbfcK 
(t) o O^JIl^^TSffe&ttifDOiUJSrnv-r^^*— K 
(t) rnn«^jftl/cf-^Hnr (K (t) 0 
0, K (!:) con) ^ il 5 BtC^tlS EKBi: 
httcBdffi^nSo dcoBB^CcfcO, f/^X4^:^ 

^ ^ fill ^ ^^owag^ai ^t^c^ # t't&i>f- 

[0 113] f/WXO, 1 , 2I4EKB* 

iflILTfi}fc*-K (r ) 0 0*JlJO>THS^£*«*rr 
nif, lBMT'03>'fy7*-K (t) con*«5 

[0 1 1 4] Hi t^T'03>f>7*-K 
(t) con^fflll«i:lt, K (t) 0 0» 
T«rfcaJtJifia)3>-r>^*— K (t) con^PS^tfb 
Ucf-^Enc (K (O 00, K (t) con) 

hi 5 b tojvr e k b h^^^^/rtrSpMb 

( t ) c o n £ L/ctfJT&So 

[0 1 1 5] KM 6 fcl/jVT r/^XOtt, ,EW 
WWcftlftSnTl/^ltt^tWpj/iOE K B ts g#tfft 
e^UfetSlflLTV^Sy— K4=~K 0 0 0%ffll^T, ± 
SdiL;rcfcfn]«a)E K Bfflflt;:^, /-F*- K (t) 

/-F*-K (t) 0 0*/H^T, Uilfrr]>T-y^^- 

k ( i ) co n*w}LT, mc s tti&<%mtzrcthic 
-rso 

[0 1 1 6] H 1 7 tC^ajfb^-^n^y ^7 (EKB) CQ 
7*— v>y MM*/*^ /^^'a>6 0 1 ti, fl^MC* 

(EKB) cOA-va >«:>T<-r^S'J?T*fc 
So fc*5. /^y'3y(i, »SW<OE K B*»J]iJ^S«f£ 
n>T->^h^^^rM]^^>j^^^R^ISOo fVX 
J±, *i#jffc*— :/n *y * (EKB) ogGftftO-r/WX 

0 :Ui. f]#j{fc*— 7ny* (EKB) *0-r— ^ftB6 

fcfc* if SB 6 0 7 »ft#>f 6 0 5 6 0 

8 cofu[8^-r # Y > £ T "h So 
[0 1 17] -r-^SI56 0 6t±, ffl?il£ MfrT 5 / — F 

[0 1 18] *yff|S6 0 7«\ -r— ^f«56 0 6lCftjWff 
TIjWTSo 

[0119] 8Tte, ^fcLTJfetcHl 5 AT 
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3HHHLfcfi&{fc*-:/Py* (EKB) fcHSttTSfflJ* 
TfxLTO^o COWOf-Xi, HI 8 BO^lOnf <fc 

Kl/X*h7^/- FT FUXktSo CC0l» 
tU^fcfc, OiU*f*— K (t) R*^sntt> 

5<D"C\ h'yy/- K7 FUXfctKRiiftSo C«Qi:£* 
WJ^tf«±lfl[£0'r— ^ E n c (K (t) 0, K (t) 

r ) a, hi 8 Atc^rBe^u-ic^-rfiBP o^w 

iS-rSo 9KD&<DT—t?&. Erie (K (t) 0 0, K 
70 (t) 0) T'feO, ±T*(iHtJO'r— *Ofe"FOffi 

IP 0 OlcfcflS-rSo ^U—WaS^ilfT^OfaB^&a 

ncfijiisnSo (D £• 

(R) 9 9) i:LT^?n§ 0 il 8B£0I.hS^f 
-#Enc (K (t) 0, K (t) R) \Zftlfc?%>ftM 
?m T^fi ilPOOtc t± f-*tf85WT\ L £ ^ - 

>\ -r^ro-r— ^tc^^aasnsn, hi scic^-r 
x — * yy , *3 * tf ^ y *ij ^sifiK $ n s o 

2fl [0 12 0] ?yt4, *\)Z<tZ>T—Z E n c (K x x 
x , Kyyy) #\ 7«J — ffifficO if C JC fci iff LTt^^ 

iCfiMWStt**— * E n c (Kxxx, Kyyy) 

• • • ¥3W^0s^{fc^nfc*— ^a^j-r-^tciatf 

& t ^ \ 1: id? L 7c * y t c ct o T -r ■ - * i: L T « *ft 3 n fc 

50 0:Eiic (K (t.) 0, K (I) R) 

0 0 : E n c (K (t) 00, K (l) 0) 

0 0 0 : E n c (K (U) 000, K (t) 00) 

[0 12 1] il 7t:Rot, EKB7*-V7hJCO 
40 \i^TZ%Kffiffl?Z>a S 45 (Signature) 6 0 8tt, ft 
aft4~yn>y^ (EKB) €:58fTLfeffJ^««Bffl-tr 

W^lflfttfc^o E K B^S-nHL/c-xV^Xii, 
«fi«.ffitCcfcoTiESft^j5afk*--yn'y * (EKB) 

myrimm\^tcumt*-'7vv5 cekb) t*»s 

[0122] ttiwi^cu, 7^-tyx-t-/^^ 
6^^n/cv-r-byxtcao^T, 

5r; 3^e>«iesnrc3>^>^*¥iJffl^5aiifi«:Si:«)« 
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[0 12 3] *tr£t>%, a>y->W—^3frt>f7'( 
ry F 1 JcWLTny-r^^A^filfftSnSfcfcfe^, v 
-Y-tryx+r— fr£>&7>fT> F 1 ic^-Y-fevxaMft 
*S2ti£o n V-rV^ ti, ny-r^y^-Kctc^D, 0,1 
^{tSnrtsO (Enc (Kc, Content) ) , 3>t->^* 
— Kcte, h*— KR(EKB^e»f9e»tlS4 : ~T*fe^T, 
5 lc*5tt5*— KEKBctC^*r^)T-Hg^t;^n (Enc 

(KR, Kc) ) , EKZtt&lC, Hg^fc^nfcnV-r:/^ 

[0 12 4] 0 1 9 0fWc&tf SEKBtcti. 01* 0 
2 0l£>j<SnS<fc5lC, DNKTHf^JftL/c^-h^-KR 
*^Snt^S (Enc (DNK, KR) ) e T> ^7^7 
VFite, -9-— If Xf- *lctt£nSDNK«r?iIJIJLT, E 

F*— KRfcHJl^T* Enc (KR, Kc) *^3yf^M 
c*a^ l t5Ci:tftt, 3Vf->^+-Kc*iHl^T, E 
nc (Kc, Content) ^5»3yf>7SaE(t5i:i:tfT 

[0 12 5] C<D£-Mc, ^7^7>b UcDNK«rflBgiJ 
tcWJO^TSCfctCckO, Ell 2h0i 5*#HSLT,itt 

(revoke) "jftgiiuB:*. 

[0 1 2 6] ^Y-tr>XU-7ID^fJ-/jnLTRE^ 

h^iryX^mWWfr^tiS c tiers K> , =7 
<< -fe > X<0 ^ili a tf-^K ifT S c h "Jffgtc ft 5 a 
[0 12 7] £fc, »^-rr> FJH<DSE»Htt fcS5ffi»* 

F a - +F fe , C n ^ * i 1 1 1/ ^ T ^ iH n e - * IW i h "I f!6 «: 3 
> -T V ^ *^7jK-T 3 C ^ njffgic ft £ 0 

[0 12 8] 3HiU^i:«S«B»(OW;fHi:-3i^T«, B2 8 

[0 12 9] *J8lWtct3l^T«, 0 1 3«r#MILT!tt(yj 
L/cct^tc, ^fn'J /- Flc^-Y-tei/XJfrBffl'rST 
S/X-r Afc, MTwn>-r>^^?U/l3~r^T : VWXc?3^ 
t- =f U #*ttfr3tt S ft* 0J)T\ «t««DNK*|i fj -<Dtv S 

[0 13 0] 02 1 ti, ca)|K^LTl^ 0 iT&fr 
"6, f/UXDlttt, T^XrAl:?|oVT, DNK 1 
tffflO ^TbftTi^, 3>^>*y 1 «r?ijffl-r5v>r-fe 
>X#iE»£ft£o ffitJUc, COfVWXDICti, (5IJ 
Xti\ DNK 2 OTPJ 0 ^Tbft/c, ^'JXf-/ >v ^tcCD 

%>o Cco4}3\ fV^XDKl 3yfy7li:3Vf 
y7 2t^-5, ^§'>XrA (T'>XfAfcf/KX 
gfli/XT-A) tci^gafs^nfcnv-rV^^rlplWftclR 
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tcSiJt) STSftT^3DNK#fiiJ&T£*£LT, f/U 
XIC 1 f@£0DNKrfCt^»fc^^:^>cfc-9^L/clS'&, CCO 

[0 13 1] Sfc, 01 tfi]x&\ ~FMJ£>3 

2Wi)rt<D&=.i<}&<D i o i otc. 02 2ic;j<?n^^-r 

[0 13 2] 02 2<DWc*5^T«:. ffJAtf, v-f-fe> 

^fa^tt D7^(0y>y;WcKt5 0 ^-T-trVX 
rfc-rri «J l tcti\ ^-r-trvxiD^ l T&Snv-rV*;/ l 
fc^Vx^y 2#*ftS2-g\ ftiftia-f l 
V3tcBdtfT£ftT^£o 7^yxAfn 'J 2 ti, ^-f 
-tr>xiD2 onv-x-vy 3. nyfy7 4, te^t/ny 

f>7 5^t*n, ^ft^fta-tn ha-f3CfM 

20 [0 1 3 3] CKDcfc^tc, *«BJK*5L^Tli, *-r=fU 

[0 13 4] DNK^, m^tTJTlC-Y'isbmtb 

3&trtf>"£«±«:<. ^-trVX^-^tcj;^ StiifiH 

tc^rsc hT\ iftc^S^— WBPIA^wIfllft^X'r 

[o i 35] ^yv-y^u, ^tim^y&^nrc^ £<d 

ft<, ^T«JII^C*5V^T, fsfiJlMfllT'feSO^/SL 

46, ±^b/cJ:^tc, «f (^7Y77h l) tc, 

JggiEShLTtO^-r-b^X^— ^4^6Wttf»^. * n 
JCW/S-TS 4ilW«tO,1iEW« (certificates) ^K/^ti 
So *(Offi«a*ffl^T, (signatur 

e) ^MU n>T->^ytc^/jnLT. nyfy^ori 

HE ( i ntegr i ty) *«,fiE L , io^cjyf-yy OiSffiflWih 
[0 1 3 6] C^lf&tOffl.aOfflJtCO^^T, 02 3^3^7 
-^CD^ h #3= L -r - ^ ^rHLltSgP 2 8 tc Sett $ -^S 
[0 13 7] »#JtC, XT77°S 1 7 1 tc4ol-T, 

<<t y v i ^cpu2 i its mmw2 Q^iTA^j^n 

SCDtOiV^-r— **,i"aSs*-r— * UTtfxOiAti'o Xf 7 
7S 1 7 2tC:fc^T, CPU 2 1 Ci, Xf7^S 17 1© 

50 ti, 3 tf>y KOJkf-fi1S« (CCD i:, 1 H >y Fco 



^o 
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bVfi (Trigger) tlz&OffitiiZri, iz/tZ/Wt 
-*0*lca!J63i*nTl^o CPU 2 Hi, ^7^--^- 

T-^^m^n/c±M^cti. xf^ys 1 7 3 tciifi 

[0 1 3 8] Xf-y^S 1 7 4tc£;^T. CPU 2 

URL. fcitf^* — *lc<fc OfiS/S^n^o 
[0 1 3 9] #IC, Xf77°S 1 7 StCiffi^. CPU 2 1 
ti, X-r^y^S 1 7 4 (Offl.i'l!T*f1- : JEJt L/c-^y &<F>*r— * 
ic mr3\i ^fc 7*J Z /Hf 45 * . EU y> ill ^<offi«B«*ffl v * X 

[0 14 0] Xr-y7°S17 6T\ CPU 2 1 HgtMfc 

a^(W2 4*SiJWU ay^-y^y^—xayy-y^^S 

[0 14 1] :WC, Xf^y.S 1 7 7Cfcl^, CPU 2 
3lc^&2-£3 0 

[0 1 4 2] &*5, «M^fYX^S^ 
S\ XT77°S 1 7 6tC#3^T, CPU 2 1 ti, nv-r> 
7*3-77 *ffl$2 5lC{«*ftU WJAUf, ATRAC3 7jiC 

tCct Dn>x>7^?rF'J-{r:£^&o fit, ^'if^n 
[0 l 4 3] i*]2 4«, W±«oJ:5tcLT, 3HS«M*lc 

mtsnt^snyfv^ (e (At 3) ) ft^ttiusn 

fc^*— v— ^ (WM) ft\ 3V-r>70W ('Vy 

[0 1 4 4] 122 5tt, 3>fy , y%,E«!K#l: 1 iattt 
^0)77Y;V7t-V7 hO£ S.ffiM&ffifiKfcilL 
Tl^c C<Df0Kc*5^Ti±, nvf V7ID (CID) , v 
-T-feVXID (LID) , URL, fccfctf'** — V— * (W 
M) €r3-t?^N"y^iriiS?tlTl/^ft!l, EKB, 3>-r>7 
Kc*;l/— h^—KRX'WiWkLfcT — Z (Enc (KR, K 
c) ) , mm (Cert) , ^7^:Mo#M^n/cf 
(Sig (Header) ) , ayf-y^y&ay-y-y 
7*— KcT'BffiJftLfc-f 5 — * (Enc (Kc, Content) ) , 
X^r 1 — £ (Meta Data) fc cfctfv— ^7 (Mark) tf&UZ 

[0 14 5] — ^(i, 3yf->7E>rt8Plc 
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r>7*cJl«)ii*tiTt^««l*iflatc, ^offfi¥^«i 
[0 14 6] **-r— fflx.fcf* >>>^>y 

[13 1 *#s9LT«ai"rso 

[0 1 4 7] 0 2 6«\ SE(W«i:LT^M»iiEW»<o 

jWc*5ttS?#iiEJra (CA : Certificate Authority) #38 

fx-rs.fiERIJ.'fTfeO, 3-— 9**^ .igiBEWlcUUtbLftl'ia 

«tif-rt§^T\ a— ^2. — if ID, 

Kts*^^*>x^w^4tcffiffibe»jffla*fi l ^c:fc 

20 [0 1 4 83 fed 2 6tc*5ttS4>riHB!liEm*«, 3iEWj»<0 
>fft>J\ ^>r^>X^—^^4 ASliEWJ.'f^iJJIJ-/? 
(a— 9*) tcWLT^JOott^.iiWJ^^iillL^i;, 

MM (^-r-tr>X-9--/M) <D£fifj\ M"/ifijW££/jHfl 
BL MIW»?iJffl«£>ID (y-KIDSfctiU-^ID) . M 

Tt^o ^btc, c^X 'y-tr— i^Jctt, S8SE©fcLT<D 
^ >T -b 4 J; •? ff- r /& $ tiftf^ ^ AM^t 

Jusntt^o ctD-r^^^^fi, X *y-tr— ^tc^tL 
iO T/N^y 5/a|jU»«ifl»IILTg£ric5nfc/N7 ^aM^JAr? 
^ T , v^-b>X-9--/N4 OWffi««rH] ^ T lk/j3c $ ti 

[0 14 9] /-KIDSfctiU-^IDtt, WJ^.tf, m\ 
2cOfflJCOtI&, fVUXOTMl rooooj 

f/wx 1 Ttitf ro 0 0 1 j tzti, f^ux 1 

5T*fetl«f ri 1 1 u £:£ta3o C0D«t d ftlDtc|Sr3 

cofuifi (U — F) tcfii. v (-r^x>-r^-r^ 

40 [0150] eic?^j;-9tc, ay-7-yv%:fiim-t%o}ic>& 
S^^Y-t>X^, 3>-r>7i:tt»lltUTBS^tJ-rSck 
^tc-T^C <htcj: 5, n>-r>'70fiMj7b ,; SStcff^n 

[0 15 1] i/c, 77^7t-?7 h^L^]2 5tC/T> 

^n^^^tc^M-r^c tt% ^7 hc^3> 

ew> SDMI (Secure Digital Music Initiative) 

ffl«-r S i© ^ *5 ^ X fe , 3 > -r > 7 CO m ft*«rflt 
50 SC^A^oIftlfc&So 
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[0 1 5 2] ££tc, WlZ-lSs B2 7&C7n£tl££*5 

tfiOffltl'lUc <t 0> SDMI (Secure Digital Music Initiat 
ive) mWxt LTW/t'aLiCOPD (Portable Device) THc, 

[0 1 5 3] 1212 8 07D-f + -h4#88L 

t, f^^yy f i A^fBio* v>rr>h pd) 

[0 15 4] H#JtC N Xf77°S 1 9 1 tCfe^T, CPU 
2 1 Si, ny^>^tC^^^7^^^ft/JU^tlTt^^ 
S *: ¥iJ/i£"T £ o -r ^ * 4S * Willi £ tvTV 5 ¥"J Vir 
Jtl/:^ Xf7 7°S 1 9 2tcB^ CPU 2 1 te, JiE 
H/^^JiijfhU SSiFJhj (^ -f-fe VX+t-^ 4 ) W4Mlfl» 

Y -fe > X -9-— ^ 4 ) coffittf SKc J,Wi ^ T It /jSc S nt fc 

^^-tr>x^-/N4 (D^uHai*iiji^Tftt , ';'rsc £ 

#T**S„ 2 etc, CPU 2 Hi. MiPW!0^7-b-y^ 
mc «LTAr>a l«l»«:5gfl] LtA'yya ffiSrSSJJlT 
£ D ^LTCPU2 Hi, SUTJSn^N'y^iM^, -rv 7 
* ;l/-»4i*ft[ L T ?y 6 tl/c/N >y ^zl fifi t fclttt L , M 

[0 1 5 5] Xf 77°S 1 9 3tCfc^T> CPU 

2 1 Ili|]i^«i^ntl^t^^/3^WAiIL, * 

a^nri/^i/>i:¥ij^«nfctu&, x-r^s 1 9 4tc 

SE8lS!f±, J£WieFlcasnSU-7ID (1*12 6) tcSr3 
«fc(3frt>tl£o C<0J&iiElCO^T\ |2 9d^l3 0^# 
[0 1 5 6] l^, mz OlCjSfftlScfcSlC, WJAMF, 

'j— -7^— k iooi wt^f/^x^u^-^^n 

t/nYX (U-"7) *CBa/fJ^n«o CcDEKBti, « 2 9 

tcfctt^fv^x r i o o i j ^u#-^-r3fc46tc. 

4— KR f K1,K10,K10 0 *E#*fr 5 EKBfc&oTl/^ 

<5 o 

[o i 57] u >k-^-tvn^x r i o o i j w^o±t 
«'j"7ti:, Ui»fffnfc;l/-h*-K (t) R*:lR?J*r 

&5'J-7t±, ifiSfrSnTl^i/V— F*— K 0*. -r 
/^X^Sc«^LTl^cOT\ H8KMfc*-Enc (K0 * 
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K (t) R) *\ 0tC£oT&^--T£C^T\ M 

fr;V-F4~K (t) R4KStSiikm4o 

[0 15 8] I/:, / - F*-K 1 1 WJ-7(i, 
Ui«fStlTl/^t^y— F^r— K 1 1#J||^T, Enc (K 

11, K ( t. ) 1 ) *y- F^-K 1 1 tCcfc^T^lJ-T 
SCfcT% ig»ry-F*-K (t) 1 *lRWrSC 
T*S«o £6tc, Enc (K ( t ) 1. K ( t ) R) *y 

-F+—K (t) nccfcoTftt^-rscfc-e, HS^i/- 

h^-K (t) R«ffiW-r*ci:^nIflgi:«:*o /-F 
l 0 l OTiu U— "7l;:o^Tfc, [«J«tc^Jsrr^— 
h^-K (t) R*IR^-TSCi:A^Wf|g"efe5o 

[0159] £btc >j^^^nri^^u-7^ 
k i o o o^j-r^Tv^x ri oooj tt i'ib^u 

— 7*— K 1 0 0 OTEnc (K1000, K (t. ) 10 

o) ^yuT, y-F^r-K (t) ioo*iRfy-ra 
W^m^L, I£»r/l/-F*— K (t) R*i«ty-rsch 

[0 16 0] CtltcWLT, U^^^n/cf/^X 

rioou t±, riatou— 7^ i ©h^^fy- f* 

-K (t) 100^ EKBffl.J'IUcJ;t)IRfyT**«:V^<D 
T\ 'SiJrr^— F^— K (t) R^lKty-TS ci:* 15 

[0161] u^-^^nr^^iviK^^-fVN^x (^ 

ftTSEKBtf, ^^-tr>X^-/N4^b^1^ti, ^ 

[0 16 2] ^^7^7>h(l *t0^y*?"J 

IIJLT, EKBia»ftLI l l!^fr5 C i:^T^^o COEKBiCi» 

[0 1 6 3] Ed 2 ~7 r 1 0 0 1 J ?)ID 

(U-7ID) t*S5 ri oo u r i j roj 

r 0 J r l j 4 If ^ F t LTffifell, «±f4 fcT ^y F ^ 

stiff, mm^mfr, oT»ti«, MCicy «if Hi^f t 

[0164]IDri001J OJft±fitT»y h/b^ 1 T*fc£ 
^0 B2 F^-KR^B^PJtCiffi^o EKB<OS 

fijco^y (S^- 0<D2?) ti, 0 : {0, 0} 

[0 16 5] *{C N /- F^-K 1 <DTiiL<DS— FfcUfi 
C; 0 ID r 1 0 0 1 J <D2Jfi| I<E>tr-y h ti 0 T^l>^6£ 
Wnc&fro S^io^^ti, »V-F+-K0(?)T 
fuco-T-*— ^^i^ttot*^ y — F4~ K 1 CO 
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[0 1 66] £ btC, ID r 1 00 1J <D3flf! |<Dlfy h 
-^O^ife^-r^y (#^3<0*40 U:, 3 : {0, 

o} Tfc?>, Mttic-r— ^*^-rs fe^fcTij^^nSo 

fcffitcjffi^ /- K^F~K 1 0 0lCfcif!)4S< 
[0167] 26 tc, IDT1001J a)ITfi tf ^y h fci: 

5 : {0, 1} T'feSo fct, £ffliHct±, t*— 
ffLftt^CfclCfcSo *(OteiR. /— F rioou tc 
ttfcifOStjftt^ id r i o o i j (Dt'U 

[0 16 8] CftlCftLT, Wl*.tf, K 1 0 

o o^Yj-rs-r-v^xiDti. ri oooj t&d, .hid? 

L/c4;<t^|iiJ«^, EKBrtO*ytcJ.W< EKBiDWSttfl!* 
fc, K T l 0 0 0J iCfcE^lK CttfVZ 
ffioT, ID Ti OOOJ tOfvWXte, iEMS&r^ 

[0 1 6 9] H2 8^ot, CPU 2 1 Xf^^S 

^t^mxf77°s i 9 5t«u mn^tfvx 
-^^nrt^i/^^tcti, xf77°s i 9 6tc}i^, 

[o i 70] -r&fr^, m 6ic,T<zn%£*jic. mm 

5945 (Sig (Header) ) AMsMESttSo *3" 
*if»l«*JHt^T, "ri/Z)Vm&S\q (Header) *rfi£^L 
Tfi* 8*1*7*-* »2 5ioss*is 

Headers /v r >a IJU»*iflJIJ LTiWW £ ftfc/ w> a fift 
fc*ttKt5Ci:^ iflSiW— &LTlv|uf, Header^ 

WLT> iiri#tf-ftLfctt*lfcf, Headertt&tt;**lT^ 

[0 17 1]Xf77°S197 tCfcl>T, CPU 2 1 IX, H 

ftW-ntf, Xf77°S 1 9 81:1^ ^*-*-v-^7 
*r8fc,i£*r*o Xf^ys 1 9 9lc*5^t\ CPU 2 1 ti, 
— * — *ora,ffi«* f iJ*U ■T-x-y^T^ hoping 

Jfi^lCli, Xf77°S 2 0 0lCl^, CPU 2 1 it, ^x 
•y £T^h*^frrSo "f ft to -5, ^-x'y^r^h^co 
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[0 17 2] X7^y7°S 1 9 1 lc*5l^T, -rv^VSfc 

^r, .iiEiiji^^dfts^nTv^^^^n^c^, xf 

*y7S 1 9 5tC*5^T> ,iiEBIJ, l f*EKBT*«i,liE-rSCi:^ 

rsft^o/tfcwaisnfcai^ xr77°s i 97^*5 

l>£hf-ij££n*if 3\ $fcf±, Xf77°S 1 9 9lC*5 

[0 17 3] cco£<Mc. 

43>f>7 0«tiiB«rffiiWJ'r SilfctfT'tSo 
[0 17 4] £6tc> >)*-jf-7-»«:3>fy7ffi 

[0 l 7 5] *£>i|&«L -fiEmit^nZ-cnv-rV^ti, 

[0 17 6] £btc, 3yf771i, {£/H*fl=**fS 
Y^>Xrt«*M^"31t^c 4:T% **uc|jflffi-r 

30 [0 17 7] V-^^flJili/iaHCO^T^H/J-r 
3>-r>^Tti*<, v Y-tryXicfJ-jjU^ti^o b^b 

65o *%RHtc*5i#>r«, »12 5tc;s$ns± 

[0 17 8]7^Xi:3yfy7li, 1»*<D|JJI« 

[0 17 9] CcOV-^iCti, fM^.tf, Bd3 1 tOf;2n 

[0 18 0] V-^tC(i, U— -7ID, Wii\WT7 

[0 18 1] ffJAtf, p)r/H^Wfaj/ctt 

n>^>^^M]TfJftgi:^-^v^-byX^, * 
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tc^iusnso tmfflt&mmz. ^fy^* 

ffl £r Hfr^O WHS [Aj tc IHIte b ft t§ *c 3eSE 2 n £ □ ffl * 

[0 18 2] nt?-[ni»^;±, *-n£T?ic*0):3>"r> 
^ne-bftlolRMS^ (o« ^bTH2i*$ns 0 
[0 18 3] [x]3 2<D:7P — — h*#figL 

[0 1 8 4] itfftHC, Xf77°S2 2 1 tC&l^T, CPU 

[0 1 8 5] XT7 7°S 2 2 2 iC&l^T, CPU 2 1 l±, 

OA/J^WJi;LT^^-tr>X-^-/N4 tcWLT^-T-fcrV 

[0 l 8 6] Coy&mctth&lsT^ I3 3^)7n-ft 

, ^Y^>X*St^ifcSfca&fc: ft ttfdS b T 
<S (^3 3^)Xf7yS2 4 2) o *CT\ Xf7 7° 
S 2 2 3lC*5l^T, ^7^7>h 1 <OCPU2 1 fiu ^ 

[0 18 7] ^l— coa>jUcJ»Wl^T, ftbT<2ti 

[0 18 8] CPU 2 1 Si, Xt^V/S 2 2 4tC*5^T, 

Wfifi* 7 « L ft tgfr «: PJ£ L , 7 « L ft £ M£ L ft 43 
£*tCte, XT'y^S 2 2 5 tciffi^, ^-tr^X-t-^4 

[oi8 9] c<D77#M*n*3{.rrsi:* ^-fcvx+r 

77S 2 4 4) 0 ^Ct\ XT77°S 2 2 6lC*5^T\ 
^"y^fT> h 1 COCPU2 Hi, ^-Y-tryX^— /n4^6 

ttlR o ft * ^ rj > V lcii«)3i€yfflJI«r^ff 

^t§^>r>7£^7-^^lT, [*J3 1 {C7^?nS 
cfc^ft^jWiv^y^SSIdi^nftv-^^ny^y^tc 
*HSUT,iEt*Snsci:tc4So £ft> ctD£#, CPU 
2Ht *-y*— ^tfBIW^ftfcC fc*C«:S<DT?, 

[0 19 0] Xf77°S22 4 iCtSl^T, ^-tr^X^ 
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tlft*I£\ XT7^S 2 2 8&C)ffi^ CPU 2 1 M\ flTTx 
^nftWfifii^7/JKLftl>C ^^^^^>X^-/n4 

[o i 9 i] co^Xors^^^ryv 1 tofflfflUcttJSL 

[0 19 2] Tft*^, ISttllC, Xr77 P S 2 4 1 tC*5 

/o i 7 ^ y xi^tfxo <?)S;R^Sfa ^ nt < %t 

(1*13 2£>XT-y"/S 2 2 2), cn^StttfXD, X 
f77°S 2 4 2[Cfcl^, W^h^nTl^^-f-tryX 

«n^^ofc^ft«ffi«,effliW2 r^am^u c 

[0 19 3] ±yibft<fc-?&C, CCD^lCbT^T^tl 
/cWItcWIT, ^7^/yh 1 frefl>7^nftttffi£: 

[0 19 4] Xfy^S 2 4 3tc4ol^T, 

-tr>X+f-A4cOCPU2 Hi, t^oTTy h 1 7* 

¥"J/i£LfctU&, Xf7^S 2 4 4 tCiffi^, WjftfcJtlS 
nfcv-^(i, .hiELfc«fc-5lc, 77<Y7y|> l <DK1ft 

3 2^Xf7 7°S 2 2 7) „ 

[0 1 9 5] XT7 7°S 2 4 3£*5^T\ ?^^T> h 

i /j^ e> 7/ftana^Sf. ^nti^t^ m^nrc^, 

30 Xf7 7°S 2 4 4<OfflIttX*7^n5c ^"^t?^, 
[0 19 6] 13 4 tt, Xf77°S 2 4 4 tC$5l>T, ^ 

^^^x^-^M^b^^^rv h i icftisTmmzn 

coa— ifcD'J— "7ID, flih'ti&y^V (Own) . Mtftc U 
-7 ID4:3fYjfl87^y*, ■^-I'-tryX-t— 

S tc J,Wl ^ T 3=ric S tlft -r' ^ ^ )V& ^ S i gs (Leaf I D, Ow 
n) tc£0, 7-^W?tlTl^ 0 

[0 19 7] cov-^7ti, W^^-^fo^W^L 

[0 198] cco^^tcLT, nyry^^^^-tyx 
ffiffl * -7 << -b > x tc wtt;5 W&tc *3 
t>tt, to *t(o^i>-T>y (dwuwric is b ft t^— tr x 

[0 19 9] #ic, ^;l/-tf y^c-Qi/^TUi^-rSo »l 

50 fei^Tii, r3>-r>^^g^^g§TS^^^T^SJ: 
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tf > ^ (i , fH AORTrft-r S aSB^ * -r -r r le: *5 1 ^ 
Tlf^n^o Cco^Vlz-ev^i, fi&fc, 
<Oi/- -T 3 7f L T nt>ftT l > fc fo\ ? VI/- 

-?it^-%> vm<Dm*>p* ^r^T\c, v 3 - to ^ -r -t? y x % 
wj£c5tt s c h tc j: o , tc y^- if y *f*t zctft 

[0 2 0 1] c«&, *fli, 

[0 2 0 2] mUlC^ 1*1 3 5 0)7D-f h*#PSL 

t, ^v^ryh (y;i/-t?>y*t«fcaa«») <ose 

W*oa»«iailCOl^TlttWlf 5o XT7/S2 6 1 £ 
*5V>T\ *7-rrv h 1 <DCPU2 Hi, y;i/-tf>^co 

[0 2 0 3] ^td, XT77°SZ6Z tCjffi^, CPU 2 1 
>7^-/N3t:T^t'XU X-r-y^S 2 6 31C*5^ 

t, xf77°s 2 6 i ommvi^i&^nrzmmm^^y 
Tyvv-^3icmm^%mm'Mr*?z>a 
[0204] immtLxitt. =7>(*>y7s'*y—rt 

[0 2 0 5] W..h^M.ti, tf>^«Sfti:Sn5 

[0 2 0 (5] #ac, |x]3 6«7P- f--v— h*#RSL 
T, H3 5<O^YT>h i <OJiEWJdfoeia*affl*c*HS 
LTfrfcttS 3 >-r Wtf-/* 3 (DjiEH«*wa»fflfS^ 
o^TSSRHTSo 

[0 2 0 7] fiMWfc:, Xf 77°S 2 7 1 tCfcl^T, 3 > 

SnT*/£,liEWJ, l f*Sf.t*rSi:, Xf77°S 2 7 2tc£> 
^T, ^00,1^)^^^1)3^5 2 8 {C«Jbi-TSo 

[0208] w.h<D«ifaA^ y;i/-yw«i:sns«H}i! 

2 8tcfi, fMAlf, i«3 7 ic^Mi 3 tc, if /I/—:/ 

[0 2 0 9] H3 7tC>^^n5ffJT*tt, 9fr—-f 1 <0mE 
WJ.'ffcLT, .liEBIJ.'JC 1 \Jb3*C 1 4m^tlt^ 

So cne^.iiEHjj.^c i i/b5?:c i 4*c«, ^s*rsi> 
i;na!Kpii7 , jSKpi4^rvsnTo^o 

[0 2 10] ["JtiHc, y;l/-^2CD3iEW»^LT, SEHH 
C 2 1 PjMC 2 3^QS$fttt3^ cn^iiWKt 
Si>K]fflKP2i7 1 j^Kp2 3^'a'^nTl^o 
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[0 2 11] W±0<fc«5 35:y;l/-y«:«ltfi-rs*«ffl« 

^osiw^essnfctt^^fev^T, 3.— »f^e 

[0 2 12] SftKC, Xf77°S 2 8 1 tc£jl>T, 3> 
x>^+t-^3cOCPU2 Hi, E«ffl5 2 8 1CK«S*IT 

1 > 3 liE 5 % , ^ co $01/— 7°tc K-r s 3iEiW»*«MiE 

w [0213] c vmmvm. 1^129^030 l 

IDtcJJr^VT. ^y*?iJilJUTEKB*fc^SC fcTtft) 
tiSo EKBti. 3>f>7^-^:u:t, 7^>x^ 

-*snT^^*aEiw»^i^^nSo 

[0 2 14] Xf77 P S 2 8 2*C*3l^T, 3>f>7* 
-/^3C0CPU2 Mi, Xf77°S2 8 1 OttffiJftffltO»S 
^Ji:^ti/cdiEP>i«^}l!«-rS 0 fit, X-r^y 
S 2 8 3tC^>T N CPU 2 1 t±, Xf7^S2 8 2 CO® 

a*HiVJ{fc-rSo Xf77°S2 8 4tCfct>T, CPU 2 1 
ti, W*fc?nsy;l/-^0*«»{tC, Xf77°S2 8 
3 <Dffl.fITBff ?n/c^yf>7 St* 3 >"r > y t £ 

[0215] 13 i^yf.nn^^^-rf \ <d^*>, mz. 
tf, lIHHUfC l 4tf'JjK-*$nt^5i:t5i:, Xf 
7 7°S 2 8 3* [ l!t\ ffJAtf, H3 9{C/j;SnSct-5 

[0 2 16] -r&t}^ Ed 3 9C0WJtCfc^Tti, a>-r 
30 >vmch\ .Ml.'fC l 1 «4>I»1»Kpik .IfHII.'FC 1 
2c?^BBMKpi2, *fcii,MB«»C 1 3 04MfflStKPi3tc 
«t0. Og^ft^nTU^o 

[0 2 17] 3VfV7^- ;%?><Dm?> 8tC^^tlS ck 

9 4 iflflic it, n > -r > cotifA^Stt s «■ 

[0 2 1 8] W«IJC, Xf7^S 2 9 1 IC4o^T, 

-rr v h i cocpu 2 1 a, uyTzsw— /^3A^gi3 8 

«XT7 7°S 2 8 4 04ttf l l!T55Sf.iLT#fc3>f-> % y 

ft^TtlTl/^ (H3 9) o 
[0 2 1 9] fCT\ Xf 7^S 2 9 2 tC^ol^T, CPU 

2 1 ti, Xf7^S 2 9 1 (OjafflTSfMLfclti^Jii^n 

fLT, TOL/cnyf yvm*)\\^Tuy7-yv<D'U 

[0 2 2 0] Miltf, 03 9tOMtC>j<^nS8IW*C 1 

50 ncWiS-rs^Ei, ^BH8iKpii^^5*rse»g# 
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[o 2 2 l ] [n-MQiai'lUi;, .tEWI.'FC l 2, C l 3lc*t 

^n/c^yfy ^itKc^ 3 y-r > *y tc ftsi l rm e nr 

[0 2 2 2] tt_LU:*3^TH\ nV-rW*— OTfcfc) 
% n > t- > ^ ) tc ft L T y tf > y o ct -5 tc L tc 
t)K ^Y-tr>X*— (^-tr^X) icjtfLTyVl/— 

[0 2 2 3] W_L<D£?tcLT, MpBijay^-^- 
^"T^ICV (Integrity Check Value) fc/fltvTfc: 

[0 2 2 4] 4=5eiWtC*3l/>Tt±, 7^-feyXtfx7^ 

fflFlUiSDMIT-Ai-ftSft^ 
[0 2 2 5] 1^14 1 2OTD-ft-h^ 

x -V * t *j v aiai tco i > r sjiw-r s 0 

[0 2 2 6] &#JtC, [*]4 K07O-^-hS:#iL 

7°S 3 0 1 tCfc^T, >7^^Ty h 1 OCPU2 i 
x7^77 h»)7^ir>X«fx7^7 t ) hMftN 

n a mm tc ji * & * nr t ^ co x\ c <ofl!ffl ^ff ^ 

[0 2 2 7] ;*{C, Xf77 P S 3 0 2tC*5^T, CPU 2 

7^7 Hy'lftN 2*\ ^tiO^^-fevxeOfsfifflftffjb^aS 

[0 2 2 8] fit, XT77S3 0 3lC*J^T. CPU 
2 1 Xf7 7°S 3 0 1 OfflflT^ITX^n/c^-x^ 
>7T^ Hid ft N 1 t:, X-rvy^S 3 0 2(DjfflfflT*ttWS 
^n/c^A^x «y ^r^/ hSftN 2 U T^x^y 

*T»J> MDIftN 1 tfB^x7^7') h0SN2J:W 

[0 2 2 9] ^x^r^y M«1»N l h\ mX^-^y> 
TO H-'IftN 2cfc9/h£^fc¥U&SnfciM£\ Xr7 7 
S 3 0 4tCjfli^, CPU 2 1 ti, tilf-flW£>3£i« (*-x-y* 

**i:$nn^7'rt>xi otc^t; LriaitSR 2 8 co 

^ x • y * T 7 ^ h U X h I c IB IS 5 a o 
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[0 2 3 0] Xt-^7°S 3 0 5lC*5^"t\ CPU 2 

xfy^s 3 o i (ommxm^m^nr^-f^y 

X^x-y^/ 1 ) M»I»N 1 <Ofirt* 1 ^ftt-rvy 0 y<> 
h-T^o X-r^7°S 3 0 6tC&^T, CPU 2 1 ^>f 
-fe>X<D* 'yir-^tcJ.WVT, ICV^jiOT-r^o CcOl 
CVtCO^Tte, t*]4 6 71^12 5 0 lT}^t^.o 
I CV^ffl i^T v Y -tr v X <D&U*\V}±-? ZCttf [1 Jh£ £ 

[0 2 3 1 ] #tC, Xr77°S 3 0 7 JCfcl^T, CPU 2 
/0 Mi, fx7^7 t >h«^7'YtyXfc, Xf 7^S 

3 o 6<Dmmxmwz nrc i cv^r, g»a#<o4iBH«* 

IIJi/^THrtWftLT, EKB*5<fctf,ljEBI|, l Ji:i:fe^ «I^«J 
^imcBVjU 3l^-?^^ 0 $b(C Xf77°S3 
0 8tC^l>T. CPU 2 Hi, XT7^S 3 0 6 ^fflflT* 

[0 2 3 2] Xf 77°S 3 0 3Cl5^T, ^x^y^Z^ 
MhISN 1 A^x7?7«) hr<ilftN2 J;0/J^^<^ 

ti&M&tctt'f-jLvZTy btMrt>tiX^Z>o)X\ cti 
W±f x 7^7^ h«« C ^^tt^^o fCT\ X 
f77°S3 0 Otcm^, CPU 2 1 ti, x^-filfl«r^7 

[0 2 3 3] *IC, |^2©7D-ft"h^#Hl 
T. gJ4 10f-x7^7^hMtaD, ^-Y-tr>X^J 
^x>y h^SW^y^^TV hOSaf'lUcoi/^T.M 

30 [0 2 3 4] mmc, Xf77 P S3 2 1 iCfc^T, ffi^ 

ffly^S (^-Y-tr>x^^x «y h-ra^^-r r > h 

Xf7 7°S 3 0 4tCfe^T, fU?ffl«*7>C7 

V h t c cfc 0 , ^ -b > X I D l c W tS L T ki ta ^ n a o 

[0 2 3 5] ^tC, Xf 77°S 3 2 2tcfel^T, CPU 2 

yxh I CV^\ EKBfccfc tfiliEWJ.'f h <h fe tciM i s nr t tz 
4}^, cnssf.i'TSo "r^c^^> c^^^yx, ic 

40 mxm ^m<D*jiWfr % &m 2 ntz *> ^ t & a 0 

[0 2 3 6] Xf7^S 3 2 3tC*5l^T, CPU 2 1 ti, 
Xf77 J S 3 2 2<0J!lfIT*S«Lfc : 7>r-tr>X, ICV, E 
KBfeAtfsiEW**, E*ffl5 2 8 lc9B«^^4c 

[0 2 3 7] l^i^cfc^tcLT, 7-f^!>X(/)fx7^ 
7-»7 h^rStt/c^^^r^h 1 t±, ^x^y^r^h^S 
tt/cf 60^^-t>X^f£JIILT, 3fAL'^r3>-rW*i'f 
£TSJW£\ [3 4 307n- -^-v— htc^^n^^l!^: 

[0 2 3 8] *T*t)^, IftWtC Xf77°S3 4 1 tCfe 
50 l^T, ^74'7>F 1 cOCPU 2 1 ti, 3.— ^'J:^ A^fgf5 
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2 6 *fr L T "HJ4itf iH3* 5 n/£ 3 >"r > % -V <D I CV*i»W 
T^o f LT, Xf77°S 3 4 2lC*3t>T, CPU 2 1 
14* tS«BP2 8tc3d«5nTt^Hg^ffc5tlTl/^1CV 

So 

[0 2 3 9] *XlC, Xf7^S 3 4 3tCfcl^T, CPU 2 

n±, xf -v7°s 3 4 i osafiic j: i^rsw^n/c 

ICV<h. Xf7^S 3 4 2<Dfflfflfc<fcOSc#Ib£*U 8i 

-rs^ic^ ^Hz^xti&asftT^&^c 
§ 0 xf77's 3 4 4 tcr-rz^ CPU 2 1 W\ 

[0 2 4 0] cnicWUT, X-r^T'S 3 4 3lC*5l^ 

S 3 4 5 CPU 2 1 ti, jaffl^ffr^o 

[0 2 4 1 ] W±£><fc'9lcLT. fl!i^^^^r> 
He -n.-fi7^r^M/:7^-(:>X^fx7^'r> / 
^SHt^^7Y7yhOlW:o^T, HI 4 4(?)7d- 

[0 2 4 2] JSHWtu. Xf77°S 3 6 1 iCfc^T, CPU 
2 Hi, tt1=JMH"J<o1S[H (^-r-bVX^riKa] (^x-y^-T 
» LT<£^YT>b 1) C0V-y^-t, T^x-y 
»-r>WSftO-7>f-lr>XOID*lR«-rSo Xf-y 
7°S 3 6 2 lilfc^T* CPU 2 1 t£. Xfy^S 36 It 

tfti I -f-fltJSfi !» ¥ ( * x >y * 7 * h L ^ >T -b > X Tfc £ ^ 
fift^ij/i^-r^c 1*1 4 l(OXf77 P S3 0 

8offl.arMiiififfnfeicv, v—?*—, *5<fctf^>r-fe 

>XIDtcMo^Tf?^tl^o -Tftt)^, Xf77°S36 
lt*^n/:U"7^ ^Y-tr>X!D, fcitflCV 

h Lfc^^vxTfcfcfcWySlStiSo 

[0 2 4 3] v^"tr>X^\ i'| / ytl'lWx7^7 t >h 
LfcfctQT'fcSfcS, Xf 7 7°S 3 6 31C*5^T, CPU 
2 l 14. W-^fflil^SSK^^-r-feVX, EKB*s<fct/SEWSB 

toffjK*SiR-rso fsas"r*<t^tc, c^icao^ 

T, tH^flJ^lfilHti, vY-t>X, EKBfecfctfSiEW*^ 
ffUI»*r^frf £ (H4 5cOX-r*y7"S 3 8 3) 0 
[0 2 4 4] X-r^^S 3 6 4 iCfc^T, CPU 2 1 t4, 
-B^ x >y £7"> h L/c^Y-tr>X^^^x'y 

N 1 * 1 /Sfrt-r^'J^Vh-rSo 
[0 2 4 5] Xf77°S 3 6 5 JC£>l>T, CPU 2 1 t4, 
t0#«(iJc?^[Stcft!itO^-r-tr>X^7 € -x'y h LTi^ 

-Y-evX^frV+lL&t^iS&fcti, Xf7^S 3 6 6lcM 
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cpu 2 mmmmmo^^^-y^^ymm^ 

t L T O * x * r *j h U X h ic *5 1 * S 121ft*: FM K "T 
£ 0 CfUCWLT, Xfy^S 3 6 5lCfe^Ts tll^l'J 
^gei^tc^x^y •> h LTl^Sfffi<0^>f-fe>X*W/:ffi 

■rsfcw^^nfetu&^a, ffio^-r-fe^xo^-x >y * 

[0 2 4 6] Xf7 7 S 3 6 2 tC*5t^T\ 7^x >y £ Y> 

tc^-x^y h L/c^-r-tryXTii^t^W^^n/c 

if^ CPU 2 1 Xf77°S 3 6 7 tcilli^. x^-M 

[0 2 4 7] ol— ^Y-trVX^r^IEtca if— b/c 

ct^^iia-, 3Q«snrt^icv^ia4:. xf77 J s3 

6 1 ^®f!Ti!X^f^n/c^^^>XtcMo^T^W^n 

20 [0 2 4 8] 0 4 5 114 4 (D^D— MCtSS 
n^^Y-trVX^-^x^y^-Y vffiif 'l!^r'Jl;'f"f *T §77^7 

7^^>^-e^77i , 7>h*ll^LTl^o 
[0 2 4 9] Xf7^S 3 8 MCfc^T, V7^7>h 
1COCPU2 ltt, tD^fll'JcO^ia (BI4 4^7D-ft- 

i: x ^y ^ Y V WftO -7 Y -b > x^ i fj-r s o ±3^ 

Lfc<fe-5tCs tll¥-ftliJ(7)^ii v iti, Xf77'S36 Mcfcl^ 
T, CiOU— 7*— h^Y-tryXID^lfMWL, Xf7 7° 
jr; S 3 6 2(:fci^T, ^ntcMoi^r, fx7^y^ 

[0 2 5 0] Xf77"S 3 8 2tC^5l>T, ^7^7>b 
1COCPU2 Hi, ffl^-fflcoafiMfA^^Y-feVX^fiiJIft* 

iE^a^x^^^VWIfetO^^-feVXT'feSJB^ ±ai 

Lfe«fc"5tc, w-rm<omm^ xf7^s 3 6 3©jafl( 

T* v Y -b > X , E K B ^3 £ , ! tiE HJ I , * } CO fl i J f ^ «r 'ii! >R L T < 
S 0 ^CT\ CtO'^R^rSf.iUfctU^ Xf77°S3 8 
3tCiffi^, CPU 2 Hi. ^Y~tr>X. EKBfccfctfaiEWaf* 

40 iwsrrso t^^^>. cnta^ c^^^-rr^hi 

ti, tt»*^^-r-b>X*fse/BT*lr^^Jffii:«:l?, ia 
4 4 ^Xf7 7°S 3 6 4 OfflfltC* t^x ^y * T 7 ^ h 
0SNl^ l mfTtV K?tlS<OT% T^x^y^ 

[0 2 5 l ] XT7/S 3 8 2tC4ol^T, fll4^M4>3£i« 
^6 v Y -fe > X c?3 iliJI^^ 'iii*$nT^4^i: f-'J /il ^n/c 
tf^, Xf7yS 3 8 4(C», X^-Jttffl^tr^n 

50 [0 2 5 2] «±IC43^TJ4, fx77-fy^x77 
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-&%\ t ^&l*—7Z#%&$te?%££^ffiX+1b2>a 
[0 2 5 3] ^-feVX (riV-rWfelRl«) CD 

x-y^firt (I CV) ^Mlt, ^YirVXlctt/Ctttf 
T § JffliatBfiK o i> r ^n/j-r £ o 

[0 2 5 4] • f-x^y^ffl 

(icv) ti, WJx.{df-7>T"b>xtcWrs^Ny>aKia 
Sffl^TttKSn, ICV=hash (Kiev, L /0 
1 , 12, • • • ) iCjCoTftWSttSo K i c v(il 

£0, ^^^>XCOiT(^^p<-y^-^ 1 lg t iiE^i; (M 
AC : Message authentication Code) £M5fiffl£ti£ 0 
[0 2 5 5] D R SHSy«lIIt»/**;»]l/^cM A Ctt£fS 
»J*Bfl 4 6 tC>K*To ESI 4 6 0}48$lc>jvr<fc 5 tcWftfcft 

n/:^7t"y^MU M2, • • MNt^Z) , 

**r, wjwtfi civ) tMi*. tmuz 4 - 1 Ate x o 

1 SDE SPff V>ftffl52 4 - 1 BlcAtU gH (WT, K 1 

h*r#) ^jiH/^THiVoHtrs ai^j*K i t-rz) 0 fee 

CtT. E 1 *5ctt/M2*8»JJSI5 2 4 - 2 A IC * »9 SEflfiW 
SftffifllU ^OlWJj I 2«:D E SHff^ftg|5 2 4 - 2 B'S 

xn, ssk izm^TMsmt-rz ubaie2) □ «>\ 

^/Mo D E SHffr>{tB|5 2 4 -NB*p&»fftlcajT#fcE 
N ^ >y -tr — i/\&3t$f ' -} (MAC (Message Authent i ca 
tion Code) ) ^^^ Q 
[0 2 5 6] C«J;9^7^t>X^MA Cfii'l^ ICV 30 

y;-r->r -^x-viMifi (ICV) tf&riteftSo ffl*fcf 

Xiclot^TML/: I C V £&kmLTm-<D I C V 

mn % ntuf ^ -r -tr v x tc aaao & i > c t awn s n , 

[0 2 5 7] • ^x 

•y^flft (ICV) M*-T'65K i c v*±ai<D<jja 

Y-tr>Xto-f yfyjr^ • ^x >y ^tt (IC V) 
[0 2 5 8] [*]4 l*5&TSm<\ 8lcm%L(DT/^ XIC¥< 

flftlferJt^r— K i c vlkHmtS—'JUy 5 (EKB) 
<fcoTK{,i-rS*WffJ*^ , ro El 4 7{if/WX0, 

1, 2, 3tcWLT«y"Ifl6&^x-y*fiS^fiK*-K i 
c v*fiGfJ"rSWI*/Txb, 8 4 8tif/^X0, 1, 

2, 3^c0t-V^X3^U^-^ (»Bfe) ITf/UX 50 



f$0H 2002-359616 
0, 1, 2^WLTO*«^nJflg38:^xy^fil«fefiK*- 

K i c v*Bd«-r£#j*svro 

[0 2 5 9] [*]4 7<Otfi]Tii, Mi#r/— F*— K (i) 
00tc£oT. ^x^y *{irt£/dt*— K i c v^&Pffi^tU 
/-cf-JKnc ( K ( t ) 0 0, Kiev) i: h fe tC, 

fV^XO, 1, 2, sictei^T^ti^noift-tz/ — 
, u-v^-^ffl^r^rr^n/cy- f*-k 

(t) 0 0*«^oIflB38:*j«l{t;*-ro-v* (EKB) 
«r3=/aLTfiaf3-rSo ^n^tlcO-rVWX^. 04 7^ 

htc^D, iSSrSnfey- F*— K (i) oow 
U WL/c/-F^K (t) 0 0#JII^T, 

BiV'iftStlfc-^x >y ^fift^/dc*- Erie (K ( t ) 0 
0, Kiev) ^^LT, ^x-y *fift£/dc*-K i c 

[0 2 6 0] coffin ■r^'l'X 4, 5, 6, 7 • • • « 

|GJ— ^#Jftft*-yny^ (EKB) £SHaLT&§# 

LTE«ff*nfc/-K+-K (t) QOJtwm-rzct 

&VZft^<DX\ '£±\C IE >i1 ft -fV ^ X W L X(D?t* 
x ^y ^fift3=ric*-«:j5S^f S C i:^T*#4o 
[0 2 6 1 ] — >b\ 1*1 4 8 com, B4 1 2 <Dj&*9#TI!!l 
A, /£ if;]/— -f\c *5 ^ T -r v ^ Y X 3 *\ ffl| ^. tf lc 

cOX^^n, f/UXO, 1, 2, ic M L T O 

*atWflg«:-*fSKlft*-^o^^ (EKB) SMLT 

(EKB) ^x^y^fuVJi/S^- (Kiev) ^rX- 
K*— (K (t) 0 0) T'Hn ' J'ft L /c ir — ?En c (K 

( t ) 0 0, Kiev) ^fiLifiT^o 

[0 2 6 2] 14 8tO*iBJ*Cfi, W$mVl*7fiLXg> 
^> 0 fVWXO, 1, 2f±, St 6 , 'x'Ml/:fiaf^- 

"^Jf]^/cia^«.lcJ;D, "i£irrX-K^- (K (t) 
0 0) *I«Wt"5o ^tc, K (t) 0 01c &%m^& 
D^x^y^«^4~K i e v*IRfJ-r« 0 
[0 2 6 3] [Hi 2 tC7T^ffi^y^--7 0 c07 :: VN^X 4 , 
5, 6 • ■ • CKOIiiJtJiO'r— £ (EKB) 

ii]^rM/-F^- (k (t) oo) zmm+zct 
x-K4~ (k (r) oo) fciRfy-rscfctf-c^-r, 

[0 2 6 4] C<0«t"5tC, E K B*?UJI1 L/c^x ^y ^fu'i 
[0 2 6 5] CCOJ: -9 ft^^-tr>X^^>"f-^ 'Jf ^ • 
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(I C V) %m^%CtlC& K>. EKBhNg 

m?L\imA 9 MC^T^olC^ 7^t>XL 1 t^^-t 

( E KB) hh'Mcte^flbfc^rVr 

Srfflai'rSo E K B fc:Hg^k^>f-b>xe03br— {AwTftg 
T*&9* :n*E K B^^^nJtg^xV^XTtifiJfflT' 

[0 2 6 6] 18 4 9 BtC^-r^ijTti, ft ^ 7 IE 

***y *4rt ( I C V (L l , L 2) ) *tiHfoTZffi}&£ 
t§ 0 &*5, ( I C V (LI, L2) ) 11, ^-tr>X 

l i fc«7>r-b>xi. zicM-y^aisasffl^Timsn 

57^>XW>f>fy'Jr^ • fx >y ^ttTfcS I C 
V = hash (Kiev, LI, L 2) */T<LT^5o 

>X 1 ^7^t>X2«^tl, ^-feyXL 1 
^-tr>X L 2 tcM^i>T£r&£n/c^yf-y -ij-r-r • f 
x^^flrt (ICV ( L 1 , L 2) ) M^tlSo s 
7c, *t*y7 2lctiTE*J$l£v^'feyx 1 *Mft*fi£*U ^ 
-T-tr^XL McJ 1 W^T^iijc^n/cY>^^U-r^ • f 

(icv (li)) *<**ft*n*o 

[0 2 6 7] C (Office io^T, ^fV7H;M?tl 
7c (EKB, ^-f-tr>X2} ^^fV72lC3^-L/c 
ciir^h, XfV72t\ ^ir^Xf xy *fifi#JFr:te 
tc^/JcT^i:, ICV (Li, L 2) 
KfctK ^fV7 2tC*S*ft*nTl^5K icv (LI) 
4:i'4ft 0. ^fcvX^&lMfeS^li^IEftrJ tf— (c* 

££o ^^vr^w^-r^^vwxtc^oi^T. ffi^x-r- 

v7<DffiX"rv7lc I CVfx^^^RlT, £fcR I 
CVi:Wl C V<D-3a«r¥iJBiJL. -ftL4^tt&tt, 

[0 2 6 8] £fc, £btc, f fi£tt*iB»*fc«>, ^ 
tVX^yfyjf^ • f x^fn'l (ICV) 

* r> > * * -r - * ic ^ T It titf £ ttM ^ 
LTU^c "T&fr^ I C V = h a s h (Kiev, c 
o u n t e r + 1 , LI, L 2 , • • • ) iC <£ o T8t Jf 
t^MfctSo CCT\ (c o u n t e r + 

i) i c v<o»*«^.cr^ic lo^v^y^yhs 
[0 2 6 9] ssm, 7-f^>xw>f^yf-r • f 

x-y^fu'I (I CV) ^v^ir^X^I.-J-^-rVTtcfe^ 
f^Jr^ • f x>y^M (ICV) Srv^r-feVXiitiHiJ 
[0 2 7 0] frljx.ti, I^iA^^|^fV7^I^M 
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* xy yfirt (icv) £r+&*rt-r££ i c va.'j^mtf 

'»i^M^fV7(c I C V^MLT, ^-f-tr> 
Xcon b°— n > h d— )]/ ((?ij^.(f check-in/check-out, 
move) tc I C V%mm-tZ>mhZt*?%££lz£K), IC 

/0 c:&£ 0 

[0 2 7 1 ] C O^liS^J^l^] 5 0 iC/jVTo B50 Tt±K 

bnti^t^f^ 72 2 0 UC7^ir>Xl Vx&7 4 

r^Jr^ • fx -y >f (IC V) ^Wgit: 
7 * -tr xt £ c t<D$^i snat^Xhv y ±£D'£;±: 

r^'JfY -fxy^fii (ICV) Q»#BW.*KiihL 
fc»JT*fc4o ^^WttlT, #11x^7^7 2 
20 2 0 1 ^^'IL/cfVWX^, ^fV7Z 2 0 1 <D|*f*fc 
«Wi)^CtNXh7yyT^^ P C. +f— /^cfc^ 
T I CV^x7 *#3*fT CTi?li^3nTffi^|lJ;i£T^«5 

^fc-Ttitf, ^j]£^nif-v^-tr>X$>^^t±*3a^-r 

[0272] *jeiWA<iafflsn^^^-rrvhtt, 

yf ;I/:ny tf a-^Wft, PDA (Personal Di 
gital Assistants) . m\mim. *f-K^*m*Et 

S/fctt, M«^o^7A^^yxh»;i/«Lt 

[0274] ctD&t&ie&mt* m2ic^ztiz>&oic, 

tc rte /ii ^ ^ n S > 7a^7 1±£>\£M ? tiT i ^ Sttlx -r x 
^7 4 1 (7D7erVX7^^) . )t:fVX^4 2 
4tf (CD-ROM (Compact Disk - Readonly Memory), DVD (Digit 
al Versatile Disk)^#Cr) , ytOt^'r-C X ^ 4 3 (M 
D (Mini-Disk) ^#0) , feKH^^t'J 4 4 

f^^n^, yny-5A*yat*snTi/^R0M2 2-v>, ,ta 
tew 2 8ic^in^A-KfVx^^^ tffi/s ?n^ 0 

[0 2 7 5] fcfc, *tW*ffl**C*5l,^T, IBS»Et*tCgBS 

^n^> y a y ^ A^sa^-r § xf ^ yu. isttsnfema 
i¥ fa o r p# ^ jrij w tc rr t> n ^ jaa it t % 5 a, , ^-r c 
50 t,B#^JW^ftiii$n*< 1 afewwfesv^iflagij^ 
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[0 2 7 6] Sfc, t + aU^fclHIM^Sfflll*^?? 
?^7p^7^ * 0{fflil*»4rr 5 n £ to £r Kj <* tc 
46, f^^p^Afl f*;Wf i J-ft S ntl ^ £ <Otf *H S L 

[0277] s/t, 3>7 L v*y**ijffli*«j-rs : 7>r-b> 

<Tt>cfct,\, ±820^SfiffJ^«, 7^t>ZID^ n 
>7 L >^OfiJilJ{c^!U!&^^-lr>X*t.fXU-rs tfi « T* 
0 , & S ^ ^ -fe > X tffiJJ I J €: »rr £ n Vf > ^ «: 

mfi^VXhmdmtEft, ^-Y-tr^Xtc, ^co^«r 

x W * <0 ^ Y -tr > X ^ * i J j 1 1 * , IT- p T -T * =3 y -r «: « 

lc«8i]-rsfff«i:JS:S 0 £ <0 A -5 tc LfcttJ-&tct±, 

co > y- > ^ tc Si ft co v >T -fe > X «: W JEW £ £ ft " J 

O 

[0 2 7 8] *H«W*fC*5t^T, '>XfAkli, 

Si»<o3£ii v »c J; 0 ttS/fi S n§ K!i v i^(**ai-r t <OT*S 

[0 2 7 9] 

If, HS KM 1 2 tifc 9 - * «: i-J d] Sdffi T- * 3 <fc -5 £ t , 

[El i ] *si!0*iaffli/'c3yfy7ffi(iti/xfA(o|j| 
[82] gi to^-rr> h(OM**f7D7*at* 

CBS 3] M 1 0^7^7V hOT>fy w^ya- 
KifiJ l l!«r,MWJ-r S "7 n— — ht*65o 
[B4] El 1 ^)3>f>71f-/^3>fy7tl 1 !(W! 

[EI 5] 0 4<OX-r-y7S 2 6 tCfeltS "7 V -y h<0 

[ei 6] mi^^^^r^ho^a^iryyn^Mm^m 
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[i7] H6<OXf y^S 4 3<0^*>XBtf#4!!lSfi<0 
,i¥lffl«:,MWJ-rS7n-^^- ht'ftSo 

CBI9 3 El 1 cO^^^^X^-^O^-T-tr^XftlfftcOja 

[110] i60Xf 7^S 4 5 tc&nt£ ^-tr^XM 

[Eli i] B l ©7><-byx*-^07^'feyxSI[i!i 

[Ell 2] ^««Pflt^iTfe^io 

[EM 3] tjt-^U /- KSr.iHRirr Z>mT&2> 0 

[Ell 4] /» K^fVUXOMOUIWil^tit 

[Ell 5] fi«i!ift*-7"n-y^(0«/«*|ttiWr*KITfe 

So 

[Ell 6] fi«»ft+--^ny*(0?iJffl*KW , r*BI"e* 
[Ell 7] fimt*-7"u y ?(Dy h<0»J*/T> 

[Eii 8] Yj^t^-^ny^to^ytofflja^wwi-r* 

ElT'^o^o 

[Ell 9] DNK*ffll^c3^^>-y(0«^ffla*SiJiH-r 

[El 2 0] ^Ht^-^n^^co^iJ^^EITfc^o 
[EI 2 1] «[at03V-r>*y« 1 O^O-rV^XtcW-r^ 

[E12 2] ■7^-fe>X(0*-r=fU«r,BiWJ-r*HT**So 

[Ei 2 3] *7>f7yh©'j -y if ^yjafH^iKRii-rs^ 
[824] 7 ^ - ^ - -7 - ^ ©M^iiJiPit § Tfe 

[El 2 5] U>7->y<07*—^v hf)M*^tKT*S 

'a) O 

[EI 2 6] 4i»I«aE(y!»t0ff>J*^-rBdT&*o 

[EI2 7] n v-r>*y <oBe/iJ*iHW-rsi9dT*fcSo 
[E12 8] ^7^7y h^^yf y7(Of x ^y ^ h 

[ei 2 9] *#ic&%ftito<t*--7uv{7*rzz%m* 
40 ;ffiwi-r*iaT*«s 0 

[El 3 0] ft"J»ft*-7 r n«y*(0»tf£ffJ*7^-rHT» 

[E13 1] v-^(0«J«*SiH«-rS»IT*SSo 

[E13 2] ^^^rvhcO^Y^^XRV^^KLil^lffi 

[as 3] ^-r-fevx+r— /w^Y-fe^xnt^offlffl! 

[EI3 4] T-*<Ofl|fi!cffJ*^'rEITfeSo 
[S3 5] ^7 Y7> 
50 7n-ft"hT«o 
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[03 8] vWfT^nTU^^tcfent^n 
[0 3 9] 3V-r>^4 : ~eOBS^ftOfflJ«:^ , riaT*fe 

[04 i] fiiw^-rr > htc^-Y-tr^x^-^x^^r 

[0 4 2] fl!i(?3^^^r> h^b7>ft>XOfx7 * 

r ^ h § ^ ^ y r y h maus. $r ;&0£*r 3 7n-f 
[[^14 3] 7^vx«fi7*7 | ) h*rS#fc*-7>r 

[04 4] ffif)^7^7yh^b7^-tyXOf x7^ 
-Y >*Slt S * v -Y r > h (D4ttPI!* l WWJ-r S 7n-f + 



10 
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[EM 5] {&<Df7<<T> Mc^-feyx^x-y^-f 

fc ^> o 

[0 4 6] MC(D%.f&%:Mm-?2>mV$>Z>o 

[147] icv*.f«*-ott[#ffla*Siwr*7n-^ 
[Ei 4 8] \crAL^-(DmcDm^m^mimr^mv 

[04 9] ICVtCtS^-r-feyXOnlf— tDBffl*lttHH 
lT£[*]Tfe£o 

[us o] ^^-byx^n : f | i!^ I ^njj-r^0T^^o 

1 - 1 , 1-2 ^^^T> K 
K 3 ny-rV^+J-— 
/\ 5 Sife-fr— 2 0 

2 4 Hg^tffl^BP. 2 5 

A^8P, 2 7 /j gfS, 2 8 



2 *v 
4 ^Y*tr>x^- 
^-Tv, 2 1 CPU, 
3 — r^^SB, 2 6 

3omgp, 29 i 



2r; 



[0 l ] 



[0 3] 




[08] 































( « 





SI 



S2 



S3 



S4 



B8 



[02 0] 
EKB 



Enc(DNK, KR) 



320 
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[02] 



[H4] 



20 



21 



CPU 





22 



ROM 



23 



RAM 



I 



24 







1 




| A*l* 








s 

26 


S 

27 


S 

28 



092 



29 



25 



31 



32 

-y 

T 30 



(o)(o)(*)6 

41 42 43 44 



« J* # 

5 



ft 

7* 



'J 



S21 



No 



Yes 



S22 



S23 



S24 



S25 



S26 



[05] 



[iai i] 



Header 



Data 




EiKWttonBockl EnaypfaiHodg EncgphnBodfl 



Content info.| DRMinfo. Lie. ID 


EKB Kekbc(Kc) 








CID Codec,etc...| | Usage rules/status URL 





IV 



Seed Eicc(data) 



CBC mode 
K'c=Hash(Kc,Seed) 



H5 



S151 



S152 



$153 



S154 



311 
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CH6] 



S41 



S42 yr 

K 



Yes 



S44 



S46 



S47 



S48 



Yes 

























GeEEj 



[0 7] 



c 



S61 
S62 



uRL*qtf»re 



T6 











S43 










S63 











S45 S64 

















S65 



S66 



< 



«e>n*:/r? 



TYes 



> 



S67 







Mo - 









S68 



[0 2 3] 



[HI 2] 




KO'OpO K0010 /koi 
XK0O01 K0O1 1 



0 12 3 4 



00 KOI 10 K10OO K1010 K1100 K1110 

K0101 K0111 K1001 K1D11 K1101 K1 1 1 1 



7 8 
H12 



10 11 12 13 14 15 



S171 
SI 72 

S173 

S174 
S175 

S176 
S177 



7 



I 





'No 


• 


,Yes 



















f — i — . 

(HEED 

E23 
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[119] 



*£=± J 
3 



m — 



S1Q1 



j.— -yiD<t/^r7-h\ at 



E 



S102 



S103 



2 



No 

S105 



"JS106 
-|S107 



mot- hu: waureti 



JS108 

]S109 
3110 

1 S1 1 1 



B9 



[0 10] 



S131 



SI 32 



S133 



I 



URLKT^-fe* 
\ 



_S112 



S134 



I 



S135 



S136 



S137 



S138 



S139 



1 



I 



i 



T 



7k 

C 'J»->) 010 



[02 5] 



Header 



EKB 



Enc(KR,Kc) 



Cert 



Sfg(Header) 



Enc(Kc, Content) 



Meta data 



Mark 



CID 



LID 



URL 



325 



[03 1] 



H31 



im i 3] 



[0 15] 



MG-R Entity 




DNK 



H13 



[0 3 4 ] 

Mark = { Leaf ID, Own. Sig s (LeafID, Own)} 
H34 



^a^k^-^D^^(EKB:Enabllng Key Block) 



8 



24 



32 



yt— S>a XVerslon) :t 






0 


Enc(K(t)0, K(t)R) 


00 | 


Enc(KCt)00, K(t)0) 


000 


Enc(K000, K(t)00) 


001 


Enc(K(t)001 , K(t)00) 


0010 


Enc(K0010, K(t)001) 


W3fifl:*-^D^(EKB:Enabling Key Block) 


7VW*o.i.2u:/t- 


*;a>:t<B/-K*-*:j£tt 


/X— > (Version) :t 






000 


Enc(K000, K(t)00) 


001 


Enc(K(t)001 , K(t)00> 


0010 


Enc(K00l0, K(t)001) 
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